How To Prevent Domain Hijacking Attacks
To prevent domain hijacking, ICANN already has measures in place. For instance, it imposes a 60-day waiting period between a change in the registration information and a transfer to another domain registrar.
This makes it harder for attackers to take over a domain and gives the original owner ample time to realize a transfer has been initiated.
Aside from that, here are the measures you can take on your own to prevent illegal and unwanted domain transfers:
1. Enable Domain Locking
Some domain registrars automatically enable domain locking to prevent unauthorized transfers. You can check with your registrar to see if they have locked your domain.
In case they don't do it automatically, most registrars provide an option inside your account to enable domain locking.
If someone unlocks it, you'll receive a notification that domain locking has been turned off.
2. Enable Domain Privacy Protection
When you register a domain name, your personal information is made public in the WHOIS database. Hackers can use these details, such as your name and contact number, to gain access to your account.
You can get domain privacy protection with your domain registrar or web host.
3. Change your passwords regularly: It's a recommended security practice to change your password regularly. We live in a world where passwords are leaked quite often.
5. Set up renewal reminders or auto-renew:
How Is A Domain Hijacked
There are a few different methods by which your domain name can be hijacked; however, the easiest and most common way is by changing the administrator's handle information through social engineering or hacking into the administrator's email account. The first piece of information that an attacker needs to access their targets' domain control panels is the administrative contact email address. This can be found in the public record via the WHOIS record for the domain. Or, in some cases, a disgruntled employee may simply already have the necessary information.
Once the hacker has obtained the email address, they are just an email hack or phone call away from taking over their targets’ domain. Seems simple, doesn’t it?
You Can Be A Victim Of A Sophisticated DNS Attack
This magic consists of a chain of machines asking each other the question "what IP should this address point to?", and largely depends on a technology called DNS, the phonebook of the internet.
DNS, in its primary form, was not made to be secure. The evolution of the internet has made it harder for people to exploit the technology in order to redirect your users to a different, malicious server, but a couple of more or less sophisticated attacks such as cache-poisoning of the recursive resolver make it possible for hackers to create confusion and redirect a portion of your users to their servers.
The good guys have created DNSSEC, an extension to DNS, so this can be avoided by cryptographic signing of the DNS data, but there still are many domain names that do not support it, and configuring it is not a straightforward process with all registrars, so more often than not it is left off. While cache poisoning does not let hackers steal your domain name per se, it does allow them to hijack your audience, and can cause just as large a reputation hit.
An Introduction To Domain Disputes
As you can probably guess, a domain dispute occurs when multiple parties claim the right to use a particular generic top-level domain name. This includes .com, .net, and .org.
A common example is when one party is using a domain that contains a trademark owned by the other party. This practice is commonly known as cybersquatting. In these cases, people buy domains that correspond to brands they are not affiliated with in order to steal away some of their traffic.
Another related practice is typosquatting, where a person buys domains that are very similar to another with a slight variation in spelling. For example, a well-known phishing site used a variation on google.com, which meant they received plenty of traffic from users incorrectly trying to access the search engine.
There are numerous reasons people engage in these practices. Naturally, money is a significant factor. Back in the day, if you managed to buy a domain before the trademark owners had the chance to do so, you could sell it back to them at a higher price.
However, domain disputes can also arise for even more malicious reasons. For example, a user could buy a domain to inconvenience a particular brand, to compete with them, or even to impersonate them.
The domain dispute process was created to resolve these kinds of cases. It enables trademark holders to contest ownership of domains that are used by others by proving that they have a right to use the domain and that the other party is using it in bad faith.
Sites With Same Problem
abduzeedo.com: Prevented. Was able to stop domain transfer before it happened, but all signs indicate the same hacker tried to steal it. Originally on DreamHost.
css-tricks.com: Resolved. Originally at GoDaddy, Bad Guy moved to PlanetDomain. Domain is back at GoDaddy.
davidwalsh.name: Resolved. Originally at GoDaddy, Bad Guy moved to Name.com then to 1and1. Name.com was able to get it back from 1and1, although I don't think it was through cooperation on 1and1's part.
scriptandstyle.com: Resolved. Originally at GoDaddy, Bad Guy moved to PlanetDomain. David Walsh is the owner of this domain. Transferred back to GoDaddy on December 6th.
sohtanaka.com: Unresolved. Originally at 1and1, Bad Guy moved to PlanetDomain. Soh Tanaka's site is offline. PlanetDomain is ready to give the domain back to 1and1, but 1and1 isn't responsive.
designshack.net: Resolved. Originally at GoDaddy, Bad Guy moved to PlanetDomain. David Appleyard is the owner of this domain. Transferred back to GoDaddy.
instantshift.com: Resolved. Originally at GoDaddy, Bad Guy moved to PlanetDomain. Daniel Adams has domain back in GoDaddy account.
kirupa.com: Resolved. Originally on NetworkSolutions, Bad Guy moved to PlanetDomain. Kirupa Chinnathambi has domain back.
shiachat.com: Resolved. Originally on 1and1, Bad Guy moved to PlanetDomain. Stolen on October 8, went down on November 24. Ali A. now has domain back.
Research And Find Out The Domain Name Value
The first step towards buying a domain name is to find out what that specific domain is worth. That's because some domains can be quite expensive. It's best to know if you can afford to make an offer before spending hours trying to figure out how to buy it.
If you do loads of research only to realize that it's too expensive, you'll be way more disappointed for having wasted your time and effort.
Finding out a domain value is easy. For that, you can go to any domain appraisal site and enter the domain you're interested in. Here's how you can use the domain appraisal tool for GoDaddy.
Simply visit the site and enter the domain address with its extension in the field offered. Now click on the GoValue button.
It will quickly give you a rough estimation of what that domain name is worth. On the right-hand side, it will also compare the same domain name with other extensions and display the price value of each.
This is helpful because you may find that other domain extensions are more affordable than the one you originally had in mind.
How Can You Prevent Domain Stealing From Happening To You
Let's see what can be done to protect your domain names from being illegally transferred to another registrar.
Use two-factor authentication on your domain contact email. As we've said before, most domain thieves will target the email associated with your domain names. That is the one used to approve domain changes, especially when you need the authentication code to start the domain transfer.
When you use a weak password, the probability your email will be hacked is really high. In this case, the best you can do is set a stronger password, and after that, activate 2FA protection.
This way, even if the crackers get your email password, they won't be able to log in to your inbox, and you'll be notified about the attempt.
Remember that the really useful and safe 2FA protection method is the one integrated with popular apps like Google Authenticator or Authy. 2FA using text messages is every bit as vulnerable as using an unprotected email address.
Never use ISP-based email addresses or legacy email providers. AOL, Verizon, Comcast, Yahoo and other popular providers use old and vulnerable email systems that have been targeted by password data leak attacks in the past, exposing your login details to the entire Internet.
This is easily verifiable by using sites like Have I Been Pwned? Start using Gmail or ProtonMail with two-factor authentication enabled.
Your Registrar Can Be Compromised
There are people working at registrars, and they can get hacked and scammed just like you can. Always pick an accredited registrar, and try to go over their procedures. Ideally, you should pick a registrar that would help you with registry and registrar domain locking, a procedure that makes it more complicated to register.
Some experts advise against using the same company for domain names and hosting services: with the two kept separate, an attacker who gets control over your hosting account will not be able to get to your domain names.
Never Never Let Your Domain Expire
Renew your domain name at least two months before the expiry date and for a period no less than two years. Don’t let it expire, because domainers could use a domain acquisition option, Domain Backorder, that will give them the possibility to 'preorder' your domain until it expires and is made available for registration.
Pay attention to your domain’s REGISTRAR-HOLD status: if it is set on REDEMPTIONPERIOD or PENDINGDELETE, hurry up and renew it. There are more status codes besides these two; the standardized list of domain status codes explains what each one means for your domain name.
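The checks described above (transfer lock present, no REDEMPTIONPERIOD or PENDINGDELETE status, renewal at least two months ahead) can be automated against WHOIS output. The following is an added example, not code from the original page; the function names are hypothetical, the WHOIS field labels are an assumption (they vary between registries), and the sample responses are constructed.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed WHOIS-style responses (not real registry output).
SAMPLE_LOCKED = """\
Domain Name: EXAMPLE.COM
Registry Expiry Date: 2030-08-13T04:00:00Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
"""
SAMPLE_AT_RISK = """\
Domain Name: EXAMPLE.NET
Registry Expiry Date: 2024-01-20T04:00:00Z
Domain Status: ok https://icann.org/epp#ok
Domain Status: redemptionPeriod https://icann.org/epp#redemptionPeriod
"""

TRANSFER_LOCKS = {"clienttransferprohibited", "servertransferprohibited"}
EXPIRY_STATES = {"redemptionperiod", "pendingdelete"}
RENEW_WINDOW = timedelta(days=60)  # "at least two months before the expiry date"

def parse_whois(text):
    """Return (set of lower-cased status codes, expiry datetime or None)."""
    statuses = {m.group(1).lower()
                for m in re.finditer(r"^\s*Domain Status:\s*(\S+)", text, re.M | re.I)}
    m = re.search(r"^\s*Registry Expiry Date:\s*(\S+)", text, re.M | re.I)
    expiry = None
    if m:  # assumed timestamp format: 2030-08-13T04:00:00Z
        expiry = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return statuses, expiry

def audit(text, now):
    """Return a sorted list of findings for one WHOIS response."""
    statuses, expiry = parse_whois(text)
    findings = []
    if not statuses & TRANSFER_LOCKS:
        findings.append("no-transfer-lock")          # domain locking is off
    for state in sorted(statuses & EXPIRY_STATES):
        findings.append("expired-state:" + state)    # already past expiry
    if expiry is None:
        findings.append("expiry-unknown")
    elif expiry - now <= RENEW_WINDOW:
        findings.append("renew-now")                 # inside the two-month window
    return sorted(findings)

if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    for sample in (SAMPLE_LOCKED, SAMPLE_AT_RISK):
        print(audit(sample, now))
```

Run on a schedule against your own domains, any non-empty findings list is a reason to log in to the registrar account and check it.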
Is Domain Backorder a legit purchase option?
Generally, backordering is considered legitimate, albeit risky for the buyer. In fact, a Backorder is nothing but a hope to be able to acquire a domain name, one day, but the current registrant could renew the domain any time before it drops, trumping the backorderer’s purchase. Domain Backorders are expensive if compared to standard domain prices, so it’s never the first option to consider when acquiring a domain name. Here are some of the popular websites for domain backorder:
Domain Hijacking And Domain Spoofing
The domain name is one of the most valuable assets for a business that has a strong online presence. It is associated with a certain level of trust and a loss of a domain name can have serious consequences. However, the value of the domain is also a very tasty treat for cybercriminals who employ several methods to either take control of a valuable domain name or exploit user trust in that domain name.
How To Buy A Taken Domain Name
Is the domain name that you wanted for your business already taken?
After spending a lot of time thinking about the perfect domain name for your site, you may find that it's already been taken by someone else. But the good news is that you still have some options for getting a domain, even if it doesn't appear available at first glance.
In this article, we'll tell you how to buy a taken domain name in 7 easy steps.
But before we start, let's get familiar with the different types of domain names there are, so you know which one would be ideal for your business.
How Can Companies Stop Their Domains From Being Spoofed
An SSL certificate can help make website spoofing more difficult for attackers, as they will then have to register for a spoofed SSL certificate in addition to registering the spoofed domain.
Unfortunately, there isn’t a way to stop domain spoofing in email. Companies can add more verification to the emails they send via DMARC, DKIM, and other protocols, but external parties can still send fake emails using their domain without this verification.
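What receivers that honour DMARC do with mail failing verification depends on the policy the domain publishes, so it is worth checking how strict your own record is. The following is an added example, not code from the original page; the function names are hypothetical and the TXT records are constructed samples.

```python
# Constructed DMARC TXT records, as they would be published at _dmarc.<domain>.
RECORDS = {
    "monitor": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "partial": "v=DMARC1; p=quarantine; sp=none; pct=25",
    "strict": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
}

def parse_dmarc(txt):
    """Split a DMARC TXT record into a tag dict; None if it is not DMARC."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "").lower() != "v=dmarc1":
        return None  # the v tag must come first (RFC 7489)
    tags = {}
    for part in parts[1:]:
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def assess(txt):
    """Return (verdict, notes) describing how strongly the record protects."""
    tags = parse_dmarc(txt or "")
    if tags is None:
        return "unprotected", ["no valid DMARC record"]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "unprotected", ["missing or invalid p tag"]
    if policy == "none":
        return "monitor-only", ["p=none: failing mail is still delivered"]
    gaps = []
    if tags.get("sp", policy).lower() == "none":  # sp defaults to p
        gaps.append("sp=none leaves subdomains unenforced")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        gaps.append("pct below 100: policy covers only part of the mail")
    verdict = "partially-enforced" if gaps else "enforced"
    # Missing reporting does not weaken enforcement, but hides abuse from you.
    info = [] if tags.get("rua") else ["no rua: no aggregate reports"]
    return verdict, gaps + info

if __name__ == "__main__":
    for name, record in RECORDS.items():
        print(name, assess(record))
```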
What Are Hijacked Domains Used For
Why are domain names hijacked? What can a hijacker do with a stolen domain? Hackers may want to steal your domain for several reasons. As you can imagine, they are always looking for economic gain. Usually, the hijacked domains become inaccessible and your online identity under that domain, i.e. your website, is no longer to be found. A ruinous outcome, since your business relies on its website as a source of income. This is why the hacker may ask for a ransom to transfer the domain back to you. In other cases, the hijacker could replace your website with another similar one and misuse it for phishing or other malicious activity. A real threat for your users, who may mistakenly enter their sensitive information, such as bank details, on this new bogus website. The hacker could also impersonate your brand identity and damage your reputation with fake news or negative statements. The hacker can also resell your domain name once it has been successfully transferred.
Notable cases of domain hijacking
How To Avoid Getting Tricked By Domain Thieves
Here are a few tips to help you avoid getting involved in illegal domain-selling activities:
Run intelligence research about the person or company that is selling the domain name. Ask for opinions in specialized domain forums like NamePros, DNForum, etc.
How trustworthy is his profile? Has he had any other suspicious domain-selling activity before? Any trouble with other members? Keep all of this in mind.
Now, let's get back to the root of the problem if you are the legal owner of the domain name.