Close

How to Protect Yourself from Domain Hijacking

Like other forms of identity-based crime, domain hijacking generally involves someone tricking a domain registrar into giving them access to your registered domain and transferring ownership to themselves.
Like other forms of identity-based crime, domain hijacking generally involves someone tricking a domain registrar into giving them access to your registered domain and transferring ownership to themselves.

On the 24th of April 2005, Hush Communications discovered that their website had been diverted meaning that customers could not access their Hushmail service, and email could not be delivered. 

It turned out that an unauthorised person convinced Network Solutions to change the administrative contact to himself. He then proceeded to deface the website. In this example, the website was defaced for six hours, but some customer access took between 16-72 hours to restore.

It may seem like a foreign concept to you, but domain hijacking happens more often than it should.  Like other forms of identity-based crime, domain hijacking generally involves someone tricking a domain registrar into giving them access to your registered domain and transferring ownership to themselves.

In the Hushmail fraud, the attacker used social engineering techniques to convince a new 1st-level customer support agent to make a change to the contact email account. The fraudster was extremely familiar with the ISPs customer service procedures and terminology.

When it comes to domain names there are a number of ways you can lose your domain name. You could forget to renew your domain name, which is not domain hijacking and something you can prevent by ensuring your accounts are paid on time. The other way is someone who impersonates you and attempts to steal any your domain name. Which is theft.

One of the recommendations coming out of this particular incident was the use of domain locking. Domain locks can be placed by you on your domain name to ensure that the details cannot be altered without you logging in to make changes to your account.

Your domain name registrar should allow you to lock your domain name either by phone, fax, email, or online domain manager using your login and password. 

Your domain registrar will let you know which method they require.  Once a lock is placed on your domain name, a transfer of registrar cannot be completed unless the lock is removed by you.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Leave a Reply

Your email address will not be published. Required fields are marked *

* Checkbox GDPR is required

*

I agree

This site uses Akismet to reduce spam. Learn how your comment data is processed.

6 Actions to Drive More Website Visitors

Recently I had a conversation with a new client about how to bring more people to her website as she was suffering from low visitor numbers. Here are six key actions I suggested as a way to remedy poor traffic.

Website Maintenance – Should you DIY?

Knowing those things that you’re really skilled at is critical to ensuring you are spending your time on the right things.

Why A Shared Server is not Good Enough for WooCommerce

A Virtual Private Server will give you an astonishing boost in WooCommerce speed. Find out how smart clients are getting favourable results right now with Asporea VPS.

GDPR and Doing File Sharing Responsibly

In a world now obliged by European GDPR laws, have you considered privacy when it comes to the use of file sharing apps like Dropbox or WeTransfer?

WAIT! BEFORE YOU GO

WANT TO SUBSCRIBE?