FRAUD AND INTRUSIONS: Domain Hijacking
In this article, you will learn about domain hijacking. We’ll explain how it works, why your business may be targeted, and discuss the array of options and tools Ports Group provides to protect against it.
What is domain hijacking? Learn how to protect against it
All manner of cyber fraud and digital attacks can be launched against your business. Domain hijacking involves a person or group changing the registration of a website and claiming to be the rightful owner of that domain, often for financial gain or to grab access to sensitive information. Learn how to protect yourself against domain hijacking with Ports Group.
A malicious, structured attack with a clear purpose
Not to be confused with DNS hijacking (subverting the Domain Name System queries so that traffic is redirected to malicious websites) or domain spoofing (impersonating a company or its employees), domain hijacking is a deliberate attempt to alter the registration of a domain name without your permission. An attack may be executed by a single individual or a group or organisation.
For the most part, this will see the attacker hijack your domain and claim to be the legitimate and rightful owner of said website. This form of sabotage is typically aimed at larger companies, although domain theft can strike whatever size business that you run. The more profitable or less secure your business is, the easier a target it becomes.
The how and why of domain hijacking
There are several ways that domain hijacking can unfold, even if, for the most part, attackers tend to sing from the same hymn sheet. Generally, though, all incoming traffic will be diverted and redirected to a new page, namely the one run by the perpetrators following a hijacking attack.
This new page may attempt to slander the original business, purposely post negative messages and “feedback” affecting the site’s trusted status amongst customers, or simply try to poach traffic for an alternative purpose. Security hijacks may be executed by individuals and groups and can take different forms. Let’s introduce you to a few:
Who launches domain hijacks?
The complexity of the domain hijack attempt you suffer from, coupled with the team or individual behind it, often depends on the size of your business and how robust its security setup is. Lone-wolf attacks may target small businesses. However, tackling significant corporations and multinational enterprises requires many hands to be on deck. Some attackers seek support and assistance from external groups, third-party registrars, and shady organisations to successfully exploit security flaws to steal sensitive data, infiltrate and hijack a stolen domain name.
Email based hacks:
Website hijacking via email is arguably the most common domain hijacking attack you’ll find. The classic domain hijacking example essentially begins with trickery. Posing as a genuine email, it relies on human error to be successful. Once they’ve snuck in through the back door and obtained your login credentials, perpetrators can forge emails and engage in phishing attacks, pretending to be your business.
Domain phishing isn’t the only issue you’ll have to contend with. Transfer forgery is another problem. Here, the attacker pretends to be you and successfully transfers your domain to another host, without your permission, of course. As the domain is no longer under your control, you’re going to struggle to try and prove that you are the legitimate owner of the domain.
In the case of cybersquatting, fraudsters will typically mimic your site and create a clone. They may not be literally hijacking your domain (as in the examples above) but are still engaging in a manner of domain name stealing and URL hijacking but being purposefully misleading about their brand and website. It sows confusion in the minds of visitors.
By posing as your site, they can syphon off your clientele or leech visitors from your site to theirs. Worse still, if you don’t have the necessary registration details to prove ownership, you may encounter reverse domain spoofing, with the perpetrators alleging to be the real victims. You could end up being accused of imitating them.
Why do attackers engage in domain hijacking?
The question is, why go to all this trouble? What’s the point of domain hijacking, and is it worth it? For some, the purpose is solely to launch phishing attacks and scams in a bid to steal passwords and other sensitive data. Others may engage in domain hijacking to distribute malware. However, these are relatively low-grade goals for such complex attacks.
In most cases, the ultimate objective of fraudsters is financial gain or to ruin the “trusted” status that rival businesses have with their clients - in a sense, to take out your reputation and bolster their own. Ultimately, though, it doesn’t matter what the end goal is as long as you can fight back and protect against it.
Let Ports Group help you fight back against domain hijacking
Despite digital attacks becoming ever more sophisticated, we have the tools to help you fight back. What is domain security? Before considering our Ports Group management tools, we strongly recommend that you do the following:
Top tips to help you get started
- Choose an established partner with adequate security for domain name registration, website building and other services. These partners will likely provide the IT and protection you need to evade attacks.
- In terms of domain name security, we recommend that you register your domain straight away. Ensure that you have complete control over the domain, so that you won’t end up in a court case or a power dispute with cybersquatters or other external parties. These resolution incidents often happen, especially when similar brands, trademarks, products, and logos are involved.
- Ensure that you keep tabs on expiration dates. Domain names can expire. If you let it expire, you’re not going to have much luck walking into a police station or courtroom shouting, “someone stole my domain name”. If a domain name is allowed to expire, it may soon be up for grabs. This will trigger a free-for-all if the domain name belongs to a particularly noteworthy or famous brand.
- Most IT is sound, but don’t underestimate the human element contributing to digital attacks like domain hijackings. IT is essential, so it is worth ensuring that your servers and connections are encrypted and protected. However, in most cases, it isn’t the IT that lets you down. Ensure that you understand how the most common human errors in email scams tend to let in attackers via the back door.
- Educate your employees on phishing. Teach them how it works and how to spot attacks. Again, this type of human error could be the game-changer between a fruitful or unsuccessful domain hijacking attack.
Ports Group’s specialist software
Utilising the most basic of procedures detailed above will get you quite far. However, serious threats require further measures. Here at Ports Group, we’ve got the tools you need to take these preventative steps and potentially curtail any domain hijacking attempts before they happen.
As brand safety specialists, we go to great lengths to ensure that your domains and property rights are suitably protected. We provide domain protection of the highest quality.
Keep tabs on your domain
With our Domain Watch (and Trademark Watch) option, you can keep tabs on confusingly similar or identical domain names. Our domain watch package allows you to keep a watchful eye over e-mail scams, intrusion attempts, reputation parasitism and other nasties.
Full protection with registration
The Ports Group Registry Lock tool allows you to protect your domain names. Using our software, you can stop unapproved updates and redirects; you can block deregistration attempts and prevent domain transfers from happening.
An additional layer of security
One of our services reduces the risk of DNS intrusions and ensures that domains only transmit information from the right sources. DNSSEC ensures, simply explained, that the correct domain name is matched with the correct IP address.
The complete management suite
Finally, our Ports Management suite offers a range of protection. This myriad of options allows you to protect, manage and administer your domain and DNS, take complete control over your brand, and check for expiring certificates. You can prosper from two-factor authentication, SAML and receive regular notifications regarding infringements of property rights, all rolled into one suite. Armed with the latest weapons, we can help you shield your business and fight back against domain hijacking, cybersquatting, typosquatting and more.
FAQs: Learn more about domain hijacking
How does domain hijacking often start?
In most cases, domain hijacking will begin with a seemingly innocent email. However, the tell-tale signs will be there that something isn’t right.
Is domain hijacking illegal?
Absolutely. The possession and transfer of a domain that doesn’t belong to you is a punishable crime.
How can I get rid of domain squatters?
You’re going to need proof that you are the legal owner of a domain and that your business is being infringed upon. This is something Ports Group can help with.
Is it illegal to buy a competitor's domain name?
Yes and no. You are free to purchase a domain name using a competitor’s name. However, you will likely find yourself in legal jeopardy if you do so, as this may constitute trademark infringement.
Did you not find the answer you where looking for? Contact us and we will help you.
INSIGHT & SUPPORT