top of page
Domain Hijacking
Domain hijacking is the act of changing the registration details of a domain without the permission of its owner. It could also happen as a result of abuse of privileges on domain hosting and the registrar software systems.
In simple terms, it's when a hacker wrongfully gains control of the Domain Name System (DNS) information of a website which enables them to make an unauthorized changes and transfers of the domain name to their advantage.
How Does Domain Hijacking Happen?
There are a variety of ways in which a domain name can be hijacked. The most common way is when a hacker changes the administrator’s handle information through social engineering or by hacking into the administrators email account.
The first piece of information that a hacker needs to do this is the administrative contact email address. This is often found via the WHOIS record for a specific domain. In some cases, though, it could be a disgruntled employee that already has the necessary information.
Once the hacker has the administrators email address, they can use a simple email hack or phone call to get the necessary information in order for them to take over the target domain.
Hackers do this for a variety of reasons. The first is to transfer the domain name to redirect Internet traffic through an external host. For obvious reasons this can be very damaging when an e-commerce business is targeted.
Another reason is to enable and interfere with communication channels like web and email. In this way, the hacker can receive all the target’s incoming emails, and also send out fake emails from the target address. So, a hacker could send out spam or promotional emails from that account to the target’s customers.
It could also be to point the current website to a malicious site. This could end up being very damaging to a target’s reputation and lead to the loss of their customers. It also poses a serious risk of phishing where hackers can replicate a target’s website and direct customers there to collect their personal information.
Lastly, hackers can take over the domain with the aim of selling it or extorting a ransom from the owner. This is simply because sought-after domains can fetch high prices when resold.
What Can I Do To Prevent Domain Hijacking?
In order to prevent domain hijacking, it's vital that businesses make domain name protection a part of their security policy. In other words, they should identify domain names as an asset and take the necessary steps to protect them.
It's also crucial that they keep their registrant account information private, secure, and recoverable in order to protect this information. A helpful tip here is to use a different name from their transfer contact email address to log in to their registered domain name provider’s self-help self-administration pages.
It's also crucial that they keep their registrant account information private, secure, and recoverable in order to protect this information. A helpful tip here is to use a different name from their transfer contact email address to log in to their registered domain name provider’s self-help self-administration pages.
bottom of page