Domain hijacking is the act of changing a domain name's registration without the original registrant's permission, or by abusing privileges on domain hosting and registrar software systems. It is a form of online theft in which the attacker takes control of a domain without the consent of the domain registrant. It is up to you and your domain/hosting company to prevent your domain from falling prey to these kinds of attacks, because they happen due to security flaws.
Domains can be hijacked for malicious use, for example when attackers seek to take a website/domain down. If the site is inaccessible, the domain owner might lose money, and their reputation as a safe website suffers. The attackers might extort money from you to hand back the domain, or they might use it to collect sensitive information from unknowing visitors, which is called phishing.
Some attackers might transfer the domain from its rightful owner to another name. In these cases it is difficult to get your domain back. They might impersonate you to ask the registrar to transfer the domain to another account. Legal help is necessary for cases like these.
To hijack a domain, an attacker needs to gain access to the targeted domain's control panel. For domain hijacking, they need the details like
A straightforward lookup of the target domain in the public WHOIS database gives the attacker the information in the administrator record, including the admin email ID associated with the domain. In effect, anyone listing their information in the WHOIS database is giving out a back-door entry to hijacking their domain name.
To unlock the domain's control panel and take over full access, the attacker must compromise the admin email account. Once they have this access, they will reset the control panel password, log in and hijack the domain.
Protect your domain cPanel (Control Panel) – don't allow your domain to suffer from hijacking because of your negligence toward security. Once the domain is registered, the registrar will grant you access to your domain's cPanel. From the Control Panel, you can modify your domain's settings, such as which server it points to.
On registration, you will have to provide an email address for access to the panel. If anyone has access to the administrative email account, they get access to your domain's control panel and all its settings. Hackers often get this information from the WHOIS registration records. Using domain privacy will block them from access to any information. Use WHOIS privacy to block your name from the WHOIS records, swapping your details for your domain registrar's in the records.
Choosing a trusted domain provider –
Another security threat is the result of security failings at your domain provider. If an attacker has access to the back end of your registrar, your domain might be at risk.
To protect yourself, choose an ICANN-accredited domain registrar. ICANN is the body that coordinates IP addresses for domain names across the world, and it also issues new domain extensions. If there is any dispute over ownership, the administering body ICANN is the best bet for recovering a domain.
Enabling domain auto-renewal –
Not all domains are easily stolen; your domain registration could expire, and someone else can register the domain in the meantime. This is an entirely legal practice, so you can't take any action against this kind of behavior. To avoid this, enable auto-renewal for your domain or register the domain for longer durations. Most registrars will keep it for ten years, for example.
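The WHOIS privacy and auto-renewal advice above can be checked against your own domain's record. The following is an added example, not part of the original article: it audits WHOIS text for unmasked contact emails and for an expiry date inside a renewal window. The sample record is constructed, and the field names and the PRIVACY_MARKERS list are assumptions based on the common gTLD layout, which differs between registries.

```python
import re
from datetime import datetime, timezone

# Constructed sample WHOIS output (not a real record). Field names follow the
# common gTLD layout and are an assumption; registries differ.
SAMPLE_WHOIS = """\
Domain Name: example.test
Registrar: Example Registrar, Inc.
Registry Expiry Date: 2025-03-01T00:00:00Z
Registrant Name: Jane Owner
Admin Email: jane.owner@mail.example
Tech Email: REDACTED FOR PRIVACY
"""

# Substrings that suggest a contact value is masked (assumed list, extend as needed).
PRIVACY_MARKERS = ("redacted", "privacy", "proxy", "not disclosed")


def parse_whois(text):
    """Return {lowercased field name: [values]} from 'Key: value' lines."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields.setdefault(key.strip().lower(), []).append(value.strip())
    return fields


def audit_whois(text, now, renew_window_days=60):
    """List findings: unmasked contact emails, and expiry inside the window."""
    fields = parse_whois(text)
    findings = []
    for key, values in fields.items():
        for value in values:
            masked = any(m in value.lower() for m in PRIVACY_MARKERS)
            if "email" in key and not masked and re.fullmatch(r"[^@\s]+@[^@\s]+", value):
                findings.append(f"exposed contact: {key} = {value}")
    for value in fields.get("registry expiry date", []):
        expiry = datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        days_left = (expiry - now).days
        if days_left < renew_window_days:
            findings.append(f"expires in {days_left} days: confirm auto-renewal")
    return findings


if __name__ == "__main__":
    for finding in audit_whois(SAMPLE_WHOIS, datetime(2025, 1, 15, tzinfo=timezone.utc)):
        print(finding)
```

Feed it the text your registrar's WHOIS lookup returns for a domain you own; an empty result means no contact email is exposed and the expiry is outside the window.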