Understanding and preventing domain hijackingDid you know someone can actually steal your domain? If you have a successful and developed website that happens to drive a lot of traffic or even brings you direct profit – you may be a desirable target.
Domain hijacking or domain theft is a cybercrime that implies the unauthorized change of the registration of a certain domain name, with the intention of using it for abusive actions.
The dreadful truth is this: all an attacker needs in order to gain full control of your domain is your account and a password. With various techniques (e.g. phishing, social engineering), one can get a hold of your domain account and use it for spam actions, malware distribution, money stealing (e.g. if it’s e-commerce we’re talking about), and of course – to make any desired changes. Usually, the attacker performs an identity theft and impersonates the real domain holder in order to convince the registrar to change authority settings, i.e. status codes.
Here’s how you can prevent domain theft:
- Protect your e-mail account: Ensure your password is of solid strength, and you may even want to change it once in awhile.
- Check security protection options before registering your domain (e.g. call-back authentication, placing various domain locks).
- Keep your eyes on your traffic: If you notice any highly suspicious traffic, reach out to your registrar to see what’s up.
If you do become a victim of domain hijacking, follow the guidance from ICANN: documentation is the key to recovering your domain name. These include files regarding domain history, billing records that prove you are the true domain holder, correspondence from registrars (e.g. WHOIS records, renewal notices), and other legal documents. Having a trademark can help in speeding up the legal process once you file a suit.
Benefits of owning an SSL certificateNow, let’s talk about your website’s safety and creating a protected environment for your customers and clients.
Have you ever been worried if your personal data will end up where it should during online shopping? SSL (Secure Socket Layer) is a transfer protocol that uses standard encryption technology to safely transfer data between the two parties, i.e. between the user and the server. This way, all the sensitive information (e.g. one’s credit card number) stays protected and can be seen and read-only by the intended parties so hackers and identity thieves are left empty-handed.
In addition, owning an SSL certificate gives your online business credibility and is an absolute must if you run transactions on your website. You can choose between protecting one website, multiple websites, or protecting all subdomains (wildcard SSL).
Alongside the obvious safety reasons, securing your website will bring you SEO benefits: in 2014, Google announced it will reward secure websites (i.e. https websites – the ones using SSL) with a slight SEO boost in order to promote Internet safety.