Domain Hijacking

What is domain hijacking? Learn how to protect against it

All manner of cyber fraud and digital attacks can be launched against your business. Domain hijacking involves a person or group changing the registration of a website and claiming to be the rightful owner of that domain, often for financial gain or to grab access to sensitive information. Learn how to protect yourself against domain hijacking with Abion.

A malicious, structured attack with a clear purpose

Not to be confused with DNS hijacking (subverting the Domain Name System queries so that traffic is redirected to malicious websites) or domain spoofing (impersonating a company or its employees), domain hijacking is a deliberate attempt to alter the registration of a domain name without your permission. An attack may be executed by a single individual or a group or organisation.

For the most part, this will see the attacker hijack your domain and claim to be the legitimate and rightful owner of said website. This form of sabotage is typically aimed at larger companies, although domain theft can strike whatever size business that you run. The more profitable or less secure your business is, the easier a target it becomes.

The how and why of domain hijacking

There are several ways that domain hijacking can unfold, even if, for the most part, attackers tend to sing from the same hymn sheet. Generally, though, all incoming traffic will be diverted and redirected to a new page, namely the one run by the perpetrators following a hijacking attack.

This new page may attempt to slander the original business, purposely post negative messages and “feedback” affecting the site’s trusted status amongst customers, or simply try to poach traffic for an alternative purpose. Security hijacks may be executed by individuals and groups and can take different forms. Let’s introduce you to a few:

Who launches domain hijacks?

The complexity of the domain hijack attempt you suffer from, coupled with the team or individual behind it, often depends on the size of your business and how robust its security setup is. Lone-wolf attacks may target small businesses. However, tackling significant corporations and multinational enterprises requires many hands to be on deck. Some attackers seek support and assistance from external groups, third-party registrars, and shady organisations to successfully exploit security flaws to steal sensitive data, infiltrate and hijack a stolen domain name.

Email based hacks:

Website hijacking via email is arguably the most common domain hijacking attack you’ll find. The classic domain hijacking example essentially begins with trickery. Posing as a genuine email, it relies on human error to be successful. Once they’ve snuck in through the back door and obtained your login credentials, perpetrators can forge emails and engage in phishing attacks, pretending to be your business.

Forged transfers:

Domain phishing isn’t the only issue you’ll have to contend with. Transfer forgery is another problem. Here, the attacker pretends to be you and successfully transfers your domain to another host, without your permission, of course. As the domain is no longer under your control, you’re going to struggle to try and prove that you are the legitimate owner of the domain.

Cybersquatting/Domain spoofing:

In the case of cybersquatting, fraudsters will typically mimic your site and create a clone. They may not be literally hijacking your domain (as in the examples above) but are still engaging in a manner of domain name stealing and URL hijacking but being purposefully misleading about their brand and website. It sows confusion in the minds of visitors. 

By posing as your site, they can syphon off your clientele or leech visitors from your site to theirs. Worse still, if you don’t have the necessary registration details to prove ownership, you may encounter reverse domain spoofing, with the perpetrators alleging to be the real victims. You could end up being accused of imitating them.

Why do attackers engage in domain hijacking?

The question is, why go to all this trouble? What’s the point of domain hijacking, and is it worth it? For some, the purpose is solely to launch phishing attacks and scams in a bid to steal passwords and other sensitive data. Others may engage in domain hijacking to distribute malware. However, these are relatively low-grade goals for such complex attacks.

In most cases, the ultimate objective of fraudsters is financial gain or to ruin the “trusted” status that rival businesses have with their clients - in a sense, to take out your reputation and bolster their own. Ultimately, though, it doesn’t matter what the end goal is as long as you can fight back and protect against it.

Let Abion help you fight back against domain hijacking

Despite digital attacks becoming ever more sophisticated, we have the tools to help you fight back. What is domain security? Before considering our Abion management tools, we strongly recommend that you do the following:

Top tips to help you get started

• Choose an established partner with adequate security for domain name registration, website building and other services. These partners will likely provide the IT and protection you need to evade attacks.
• In terms of domain name security, we recommend that you register your domain straight away. Ensure that you have complete control over the domain, so that you won’t end up in a court case or a power dispute with cybersquatters or other external parties. These resolution incidents often happen, especially when similar brands, trademarks, products, and logos are involved.
• Ensure that you keep tabs on expiration dates. Domain names can expire. If you let it expire, you’re not going to have much luck walking into a police station or courtroom shouting, “someone stole my domain name”. If a domain name is allowed to expire, it may soon be up for grabs. This will trigger a free-for-all if the domain name belongs to a particularly noteworthy or famous brand.
• Most IT is sound, but don’t underestimate the human element contributing to digital attacks like domain hijackings. IT is essential, so it is worth ensuring that your servers and connections are encrypted and protected. However, in most cases, it isn’t the IT that lets you down. Ensure that you understand how the most common human errors in email scams tend to let in attackers via the back door. 
• Educate your employees on phishing. Teach them how it works and how to spot attacks. Again, this type of human error could be the game-changer between a fruitful or unsuccessful domain hijacking attack.

Abion’s specialist software

Utilising the most basic of procedures detailed above will get you quite far. However, serious threats require further measures. Here at Abion, we’ve got the tools you need to take these preventative steps and potentially curtail any domain hijacking attempts before they happen.

As brand safety specialists, we go to great lengths to ensure that your domains and property rights are suitably protected. We provide domain protection of the highest quality.

Keep tabs on your domain

With our Domain Watch (and Trademark Watch) option, you can keep tabs on confusingly similar or identical domain names. Our domain watch package allows you to keep a watchful eye over e-mail scams, intrusion attempts, reputation parasitism and other nasties.

Full protection with registration

The Abion Registry Lock tool allows you to protect your domain names. Using our software, you can stop unapproved updates and redirects; you can block deregistration attempts and prevent domain transfers from happening.

An additional layer of security

One of our services reduces the risk of DNS intrusions and ensures that domains only transmit information from the right sources. DNSSEC ensures, simply explained, that the correct domain name is matched with the correct IP address.

The complete management suite

Finally, our Abion Core suite offers a range of protection. This myriad of options allows you to protect, manage and administer your domain and DNS, take complete control over your brand, and check for expiring certificates. You can prosper from two-factor authentication, SAML and receive regular notifications regarding infringements of property rights, all rolled into one suite. Armed with the latest weapons, we can help you shield your business and fight back against domain hijacking, cybersquatting, typosquatting and more.