Once you register with a domain you might feel secured or proud to own a domain you wished to. But friends there is a threat of getting a domain hijacked. Yes, you heard it right! A domain can be hijacked. Ah! Don’t get panic, I will help you understand about domain hijacking and tips to protect or get recovered from it. Here we go in detail:
Domain Hijacking Explained
To recover from the attack it is firstly important for you to understand the process of domain hijacking. Also, it is most important for you to know that hacker doesn’t need any access to your web server in order to get your domain. So here is how the entire process of Hijacking works:
- The hackers go to the websites who.is domain tools and searches for the target domain name. Where they will get customers admin contact email address.
- Searching the same record he or she can simply find the ICANN registrar listed under the Registry Data heading.
- After being aware of customers admin email address the hacker simply needs to hack admin email account which can be quite easy for them.
- After having a control on the admin email account the attacker will then visit the website and chooses forgot password options and just simply reset the password.
- An email is sent to the admin email account with a process to reset the password and now the hacker has all the controls of the domain.
- And within a minute or two the hacker redirects the domain to his/her server.
How To Protect Your Domain From Getting Hijacked?
- One of the best ways to protect the domain is to protect the email account associated with the domain. It is because if you lose your admin email account you lose your domain.
- Another best method is to go for private domain registration. Whenever you register a domain name using private domain registration, all your personal details are kept hidden i.e., when someone performs a WHOIS lookup he/she will not be able to find any of your personal data like admin email address, domain registrar name, and contact number. Thus private domain registration serves you with extra security and protects your private data. This may cost you extra bucks but it’s worth buying for its advantages.
How To Recover The Hijacked Domain?
- Contact Registrar: As soon as you come to know that your domain has been hijacked, immediately contact your domain registrar. Domain registrar is the company with whom you have registered the domain before it has been stolen. Call and tell them that someone has stolen your domain and moved it to their server. You will need to provide them with a handful of information and complete the paperwork. If the transfer seems to be fraudulent your registrar can transfer back the control to you. And if the hacker has transferred the domain to some another registrar, they can work with them to resolve the same for you.
- ICANN Dispute Resolution: Most of the times due to lack of evidence suspecting towards hijacking your registrar might not be much cooperative or might not be able to resolve the issue by its own. Visit the website Internet Corporation for Assigned Names and Numbers (ICANN) and read their guides on resolving the issues. From there you will likely have to retain an attorney and pay out considerable money to both the attorney and to ICANN to process and resolve the dispute and regain control of your domain. And this may cost you so much that even registering a new domain will be worth.
Recognizing the vulnerabilities with the domain registration process, the SSAC highlighted several measures that both domain registrar and registrant can do to help prevent from domain hijacking. These recommendations include:
- Set up uniform rules for Extensible Provisioning Protocol (EPP) authInfo. The exchange strategy requires that registrar produced authInfo codes be unique to every domain. But, client created codes are not subject to the transfer policy limitations. Therefore, a client may make a solitary code for the greater part of his or her spaces. If that code is by one means or another compromised then an attacker will have full control to the majority of the areas that are connected to that code. So it is recommended to use the authInfo code per domain
- Make a uniform default setting that applies domain locks on all client domains. Convey guidelines on the most proficient method to unlock domain to the client through methods for correspondence other than email.
- Pass on to your clients the significance of applying area security assurance to their hosting server package. Despite the fact that such assurance may come at an expanded cost, the immaterial value that their domain names hold reputation with their own particular customers can be priceless. Subsequently, that data ought to be managed a similar level of assurance that they would provide for client and project money related information.
- Search for approaches to enhance your client confirmation and approval forms for any updates or changes related to a domain. EPP can help by giving correspondence at whatever point domain information is renewed. However, it might likewise profit you to set up strict check guidelines past a basic confirmation of the domain or email address when a request is initiated to change client contact or assignment data.
Hope you have found this article helpful. Feel free to add some suggestions or security measures to protect a domain from hijacking. Your ideas are always appreciated.