Even the most reputable tried and true do not guarantee anything. They can and will kick you out on a whim.
You can still mitigate the risk though. Use multiple domains in all marketing materials from different TLDs and different registrars. Use regional domains. Have alternative ways to communicate with your customers. It's all very basic stuff. Merely thinking about it gets you far. Most people don't even think about it and blindly rely on centralized services: domain registrars, DNS providers, CDN providers, single hosting/cloud provider, etc.
Would you mind providing some details on this approach? Multiple domains in marketing materials sounds like it would create confusion among customers. Are you specifically referring to companies with an international presence? Thanks
In practice people don't think about or even look at URLs, that's why phishing works. They recognize sites based on logos and stylesheets and often go to places by googling the brand name and clicking on the first link. If you forward every domain to a primary domain at the DNS level, your pagerank probably won't be hurt by this practice.
To go a step further, adding out-of-band contact info is a big deal.
Forward mycompanyname@gmail.com to info@mycompanyname.com and give it out in the emergency support info for support contracts. Add it to your status page as needed (which should be running on someone else's service or mycompanynamestatus.com).
Customers that really need your service, like the ones who pay, will check the status page and can update the endpoint as needed.
Make sure your SIP lines don't point to mycompanyname.com.
If you publish a client-side app, use 2 domain names as endpoints, mycompanyname.com and mycompanyname.io. Have the app or service check for and fail over if one doesn't work.
Make sure paging and technician notification is handled by a system that won't be affected by this. (Nothing more amazing than getting 200 pages AFTER you've spent 2 days recovering a total failure of a system. You just want to go to sleep but you have to wait for the email queue to drain since you can't turn your pager off.)
Either way, use 2 domain names, and set them to expire at 6-month intervals. Buy the domain for 2 years (or more) and renew every year so you always have 1-2 year lead time to sort out issues.
The list above would probably cost about $200/year and a few extra hours but it keeps you from getting backed into a corner. Everything else in our infrastructures has failovers and limited blast radius for failures.
We tend to use domain registration as a single point of failure and no one even thinks about it.
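An added example, not written by any poster in this thread: one way a client could implement the two-domain failover described in the comment above. The domains are that comment's placeholders; the `/healthz` path, the timeout, and the `EndpointSelector` name are assumptions.

```python
import http.client
import urllib.error
import urllib.request

# Placeholder domains from the comment above; HEALTH_PATH is an assumption.
ENDPOINTS = ["https://mycompanyname.com", "https://mycompanyname.io"]
HEALTH_PATH = "/healthz"


def https_probe(base_url, timeout=3.0):
    """Return True if the endpoint answers the health check over verified TLS."""
    if not base_url.startswith("https://"):
        return False  # failing over must never mean downgrading to plaintext
    try:
        # urlopen verifies the certificate chain and hostname by default,
        # so a hijacked or parked domain with a bad certificate is rejected.
        with urllib.request.urlopen(base_url + HEALTH_PATH, timeout=timeout) as resp:
            return resp.status == 200
    except (urllib.error.URLError, http.client.HTTPException, OSError, ValueError):
        # Covers NXDOMAIN after a registrar suspension, timeouts, TLS
        # failures, HTTP error statuses and malformed responses.
        return False


class EndpointSelector:
    """Pick a working endpoint, preferring the one that worked last time."""

    def __init__(self, endpoints, probe=https_probe):
        self.endpoints = list(endpoints)
        self.probe = probe
        self.last_good = None

    def select(self):
        # Stable sort: last known-good endpoint first, others in listed order.
        order = sorted(self.endpoints, key=lambda e: e != self.last_good)
        for endpoint in order:
            if self.probe(endpoint):
                self.last_good = endpoint
                return endpoint
        self.last_good = None
        return None  # every domain is down: show the out-of-band contact info


if __name__ == "__main__":
    print(EndpointSelector(ENDPOINTS).select())
```

Both endpoints are held to the same TLS verification, so losing the primary domain changes where the client connects without weakening how it authenticates the server.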
Even if you pre-plan, how many of your customers will think some random e-mail from a totally different domain explaining the situation is not a phishing attempt? (The percentage that don't ... are probably the percentage with the least security sense.)
Perhaps, though, in this situation, they had 2/3 days to make people aware.
Also, if they call customer service and you validate it, then they are only offline for a couple hours, not days. Also, you should have a status page or Twitter or something out of band that you tell people about the day they sign up. You can update there.
EVERY production service with customers needs an out of band way to update. And you have to build and announce that before you need it.