URL changes are relatively common in the world of e-commerce. Motivations for such changes may be born out of a desire to adapt to organizational shifts such as mergers or rebranding, take advantage of registrar incentives, or sell the domain to an interested party. While the process is often relatively straightforward and involves transferring domain rights from one account to another, there are potential risks associated with ownership changes as failure to communicate ownership changes properly to the merchant’s payment service provider could create exposure for reputational harm and card network violations.
What Risks Are Associated With URL Ownership Changes for Merchants?
URL ownership changes carry the potential for negative impact on the parties involved. Changing ownership may significantly misdirect, slow down, or halt a site’s growth in organic search traffic. Search engines like Google prioritize accuracy in their search results and may struggle to interpret changes in website ownership. When new content appears on a domain that was previously associated with another entity, search engines may misinterpret the situation; this can potentially lead to a downgrade in the URL's ranking or even its removal from search results.
Additionally, failure to implement proper redirects when transferring a URL can result in a 404 error page, commonly referred to as a “page not found” error. While the web page exists on the domain, it appears broken or completely empty. This type of website behavior can also lead to pages being downranked and it may take significant time to recover the losses in website traffic.
What Risks Are There for Payment Service Providers?
One of the greatest potential risks posed by an ownership change is the updated website content itself. These changes in ownership carry the risk of reputational harm for the former URL’s owner, as well as the potential for card brand fines for payment processors, if the transfer was not effectively documented and communicated. The most frequent high-risk offenders LegitScript observes are adult or gambling content, typically on domains that may appear to be otherwise nonfunctional. Malicious actors can purchase a domain with relatively little activity and utilize it to host risky content under the previous owner’s domain name.
This behavior carries potential risk, particularly for those operating in the e-commerce space. While the domain itself may have changed hands, the website may still be aligned with payment processors under the previous owner. Payment processors could be left holding the bag for chargebacks and payments processed under the original owner’s account, despite the change in URL ownership.
The screenshot above displays a website that was previously the home of a Congressional candidate, now seen driving traffic to online casinos.
The screenshot above shows common errors such as images not properly displaying while also offering gambling opportunities like online casinos and slots.
LegitScript Analysts Continuously Research Websites and Merchant Details for Risk
While bad actors continue their efforts to avoid detection by disguising changes to domain ownership, LegitScript analysts have paid close attention to common strategies employed by these merchants. Dramatic changes in website content can be an indicator that ownership of the domain has changed, particularly when paired with changes to the website’s technical data (e.g., domain name server, registrar). LegitScript remains vigilant for potential ownership changes and accompanying risk to better safeguard the payments ecosystem.
Contact us and see how LegitScript can help with any questions or concerns.
