Domain Hijacking or Domain Theft is the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems.
This means someone has gained access to your domain registrar account details and is now in full control of all domain-based functions, including changing DNS name servers, setting a new domain status and transferring the domain name, as well as altering the personal, technical and administrative details of all domains located under that account.
Having your domain stolen could significantly and negatively impact your business and can cost you your entire company if you don’t recover your domain ownership. Once your domain has been hijacked, the attackers will probably transfer it to another registrar, which is the most common thing they do in these cases. Once this happens, getting it back to the original owner becomes even more complicated. Here are some tips to increase your domain security.
Choose a Reputable Domain Provider
There are many types of domain registrars, all offering the same basic service: they allow you to register a domain name. Some are cheaper than others, but that shouldn’t be your only consideration. When picking your domain name registrar for new registrations or domain transfers, take a look at the advanced and extra features they offer.
Use a Strong Password and Two-Factor Authentication
This is some of the most useful security advice we can give you: enable two-factor authentication on all your online accounts. This includes your domain name registrar account, where all your domain names are located. If someone is able to get your username and password, the second layer of authentication can protect you from losing control of your domains.
Using a strong password will help you prevent brute force attacks and unauthorized access to your accounts.
Keep this in mind when setting a new password:
- It must have 8 characters or more.
- Try to avoid using dictionary-based words.
- Include a combination of uppercase and lowercase letters, numbers and symbols.
Enable WHOIS Protection
Having your WHOIS protection enabled can really help reduce the amount of personal data you expose to the Internet. This includes:
- Address
- City, state and country
- Telephone number
- Email address
As you can see, your domain WHOIS information can reveal a lot of data about you that can later be used to launch social engineering attacks. By enabling this protection you will reduce the amount of OSINT data exposed about you or your company.
Don’t Share Domain Details with Anyone
You might think it’s easier to hand over your domain details to your web designer or developer so they can set it to redirect to your new website. That’s not safe to do.
In those types of engagements, issues over payment and work agreements may come up between you and your web developer. If things get ugly, the person may hold your domain hostage until you agree to their terms. It’s best to take a proactive approach, handling all the high-level domain administration tasks yourself.
What to Do If Your Domain Has Been Hijacked
If your domain account has already been hijacked, the protective steps we’ve covered will still come in handy, but only after you’ve regained control of your domain. Before we wrap things up, we’ll cover two strategies to help you do that.
When a domain is transferred from one person to another, it takes 60 days for the ownership change to become final. This means you have ample time to present your case to:
- Your domain registrar: Your registrar is the company from which you bought the domain. Contact them as soon as your domain gets hijacked and tell them you didn’t initiate the ownership transfer request. Then follow whatever instructions they give you.
- ICANN: You can submit a complaint to ICANN regarding your domain name hijacking. But be warned, their experts might ask you for documentation, i.e., proof that you are the rightful owner of the domain.
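Contacting the registrar quickly depends on noticing the change in the first place. The following is an added example, not part of the original article: it compares a saved copy of a domain's RDAP record against a later copy and reports the changes described at the top of this page (new registrar, new name servers, altered domain status). Both records are constructed samples using RFC 9083 field names, the function names are hypothetical, and fetching the live record is left out so the script runs offline.

```python
import json

# Constructed RDAP-style domain records (RFC 9083 field names); not real data.
BASELINE = json.loads("""{
  "ldhName": "example.com",
  "status": ["client transfer prohibited", "client update prohibited"],
  "nameservers": [{"ldhName": "ns1.dns-host.example"}, {"ldhName": "ns2.dns-host.example"}],
  "entities": [{"roles": ["registrar"], "handle": "1111"}]
}""")
CURRENT = json.loads("""{
  "ldhName": "example.com",
  "status": ["active"],
  "nameservers": [{"ldhName": "ns1.other-host.example"}, {"ldhName": "NS2.dns-host.example."}],
  "entities": [{"roles": ["registrar"], "handle": "2222"}]
}""")

def summarize(record):
    """Reduce an RDAP domain object to the fields a hijacker would change."""
    registrars = {str(e.get("handle")) for e in record.get("entities", [])
                  if "registrar" in e.get("roles", [])}
    # Normalize case and trailing dot so cosmetic differences are not reported.
    servers = {ns["ldhName"].rstrip(".").lower() for ns in record.get("nameservers", [])}
    status = {s.lower() for s in record.get("status", [])}
    return {"registrar": registrars, "nameservers": servers, "status": status}

def hijack_indicators(baseline, current):
    """Return a list of findings; an empty list means nothing relevant changed."""
    old, new = summarize(baseline), summarize(current)
    findings = []
    if old["registrar"] != new["registrar"]:
        findings.append(f"registrar changed: {sorted(old['registrar'])} -> {sorted(new['registrar'])}")
    for ns in sorted(new["nameservers"] - old["nameservers"]):
        findings.append(f"name server added: {ns}")
    for ns in sorted(old["nameservers"] - new["nameservers"]):
        findings.append(f"name server removed: {ns}")
    # "... prohibited" statuses are restrictions set on the domain; losing one is notable.
    for s in sorted(old["status"] - new["status"]):
        if s.endswith("prohibited"):
            findings.append(f"status removed: {s}")
    return findings

if __name__ == "__main__":
    for line in hijack_indicators(BASELINE, CURRENT):
        print("ALERT", line)
```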
Bijay Pokharel