What Is Domain Hijacking?

Date First Published: 6th May 2022

Topic: Computer Networking

Subtopic: Network Identifiers

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 6/10

Learn more about what domain hijacking is in this article.

Domain hijacking, also known as domain theft, is an unauthorised attempt to take over the ownership of a domain name without the registrant’s permission. It gives a third party complete control over the stolen domain name, allowing them to change DNS records, point the domain name to another web server, sell it to a third party, and use it for other malicious purposes, including phishing and spreading viruses and malware.

Effects Of Domain Hijacking

Domain hijacking causes the owner of the domain name to lose their domain name (web address), meaning that users will no longer be able to visit their website. The result is financial loss to the site owner or business. Because a third party has taken over their domain name, their website is no longer available and they will have to move it to a new domain name without a redirect, which is basically the same thing as starting a new website. For more information on the effects of losing a domain name (web address), see this article.

How Is Domain Hijacking Performed?

Domain hijacking can be performed in several ways, including:

  • The domain hijacker gaining access to the registrant's account. This is usually performed by a phishing website that mimics the login page of a legitimate domain registrar to steal users' credentials. This could also be performed by malware that logs keystrokes and sends them to a third party.
  • A vulnerability in the system of the domain registrar.
  • The domain hijacker using personal information of the domain name owner to impersonate them and asking the domain registrar to alter the registration information or transfer the domain name to another domain registrar.
  • Lack of safeguards against unauthorised domain transfers. EPP codes help prevent unauthorised domain transfers by requiring a unique 6-16 character code to be entered before the domain name is transferred to a new registrar. Without an EPP code, unauthorised transfers are much more likely to occur. However, ICANN does require a 60-day waiting period between a modification to registration information and a transfer to another domain registrar, making domain hijacking more difficult.

Difference Between Domain Hijacking and DNS Hijacking

Domain hijacking is not to be confused with DNS hijacking. Domain hijacking refers to an unauthorised attempt to take ownership of a domain name without the registrant’s permission, such as by making an unauthorised transfer from one registrar to another or gaining unauthorised access to the registrant's account. DNS hijacking refers to the redirection of DNS requests, causing online traffic to be forcibly redirected and DNS requests to be incorrectly resolved.

How To Prevent Domain Hijacking?

Domain hijacking and unauthorised domain transfers can be prevented by:

  • Using enhanced transfer protection, such as domain locking. This prevents the domain name from being transferred without the registrant’s permission. The status of locked domains will show up as 'Client Transfer Prohibited' when performing a WHOIS lookup. Domain names must be unlocked by the registrant before they can be transferred.
  • Using strong passwords for the domain registrar. Strong passwords should consist of a mix of numbers, letters, and special characters. These reduce the chances of them being cracked, which would lead to someone gaining unauthorised access to the registrant’s account.
  • Using extra layers of security, such as two-factor authentication. Two-factor authentication makes the account even more secure: even if a third party stole the registrant’s password, they would not be able to log into the account, as it would require a verification code, sent by email or text, to be entered.
  • Always making sure the website you are on is the correct website and not a fake one. It is important to note that there are a lot of phishing websites that impersonate trusted websites to steal users' credentials.

Note:

Not all TLDs support domain locking. If a registrant tries to lock a domain name where locking is unavailable for the TLD, a message will be displayed that the domain cannot be locked, since the TLD is not supported.
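
The 'Client Transfer Prohibited' check from the domain-locking point above can be run across a whole portfolio of domains. The Python below is an added example, not part of the original article: its function names are hypothetical, the WHOIS excerpts are constructed, and it goes beyond the text by also flagging the EPP `pendingTransfer` status and counting the registry-set `serverTransferProhibited` as a lock.

```python
import re

# EPP status values that block a registrar-to-registrar transfer.
TRANSFER_LOCKS = {"clienttransferprohibited", "servertransferprohibited"}
STATUS_LINE = re.compile(r"^\s*(?:domain\s+)?status\s*:\s*(.+)$", re.IGNORECASE)


def parse_statuses(whois_text):
    """Return the normalised status values found in raw WHOIS output."""
    statuses = set()
    for line in whois_text.splitlines():
        match = STATUS_LINE.match(line)
        if not match:
            continue
        # Drop the reference URL many registries append after the status.
        value = re.split(r"\s+\(?https?://", match.group(1), maxsplit=1)[0]
        # 'Client Transfer Prohibited' and 'clientTransferProhibited' compare equal.
        statuses.add(re.sub(r"[^a-z]", "", value.lower()))
    return statuses


def audit_transfer_lock(whois_text):
    """Classify one WHOIS record: 'locked', 'unlocked' or 'transfer-pending'."""
    statuses = parse_statuses(whois_text)
    if "pendingtransfer" in statuses:
        return "transfer-pending"  # a transfer is already under way: check it now
    return "locked" if statuses & TRANSFER_LOCKS else "unlocked"


def domains_needing_attention(records):
    """Map domain -> finding for every record that is not transfer-locked."""
    findings = {d: audit_transfer_lock(text) for d, text in records.items()}
    return {d: f for d, f in findings.items() if f != "locked"}


# Constructed WHOIS excerpts (placeholder domains, not real lookups).
SAMPLE_RECORDS = {
    "example.com": "Domain Name: EXAMPLE.COM\n"
                   "Domain Status: clientTransferProhibited "
                   "https://icann.org/epp#clientTransferProhibited\n",
    "example.org": "Domain Name: example.org\nStatus: Client Transfer Prohibited\n",
    "example.net": "Domain Name: example.net\nDomain Status: ok https://icann.org/epp#ok\n",
    "example.info": "Domain Name: example.info\nDomain Status: pendingTransfer\n",
}

if __name__ == "__main__":
    for domain, finding in domains_needing_attention(SAMPLE_RECORDS).items():
        print(f"{domain}: {finding}")
```

A record with no status lines at all is reported as unlocked, so review those by hand, since the TLD may not support locking or the WHOIS output may be in a format the parser does not recognise.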