⚡ Get All Content for 20% Off ⚡

Hijacked! How to Stop Cybercriminals From Stealing Your Domain With Twitter, Google and other big-name companies under attack, no one is safe. Here is how to prevent your domain (and website) from getting hijacked.

By David L. Brown

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

What if you were going to visit this article on Entrepreneur.com only you weren't on the actual site? Instead, you unknowingly landed on a hijacked version of the site where criminals were stealing your personal information. This is known as domain hijacking -- or domain theft -- and it's one of the most prevalent threats facing businesses and consumers today.

In 2012, incidents of domain hijacking and related crimes – hacking, phishing and social engineering – increased by more than 42 percent, resulting in a $400 billion hit to the economy, according to security-software company Symantec. And it seems like hackers are just getting started. Several of the world's biggest brands including The U.S. Marines, The New York Times, Twitter, Google, The Huffington Post and Forbes.com – have fallen prey to domain hijacking, thereby putting millions of consumers at risk for identity theft, credit card fraud and other nightmarish situations.

However, the threat isn't contained to just big brands or large corporations. Any organization with significant traffic, a familiar brand, valuable intellectual property or a desirable domain name is a target.

While cybercriminals continue to strengthen and evolve the techniques they use to attack company websites, domain hijacking is preventable if you understand how it happens in the first place and how to protect your business.

Related: How to Protect Your Small Business Against a Cyber Attack

What is domain hijacking?
When a company's site is hijacked, the internet domain name is stolen from its legitimate owners and taken over by cybercriminals. The five most common ways that sites are hijacked are:

1. Pharming: A cybercriminal takes control of a site and posts objectionable content that can damage a company's reputation and turn away customers.

2. Phishing: Hijackers replicate a company's website and collect information like credit cards and social security numbers from consumers who think they're on the legitimate site.

3. Man-in-the-middle: An attacker reroutes a company's internet traffic through external hosts to monitor, capture or alter sensitive communications like system passwords and routing information. This type of breach is particularly virulent because it usually goes undetected for long periods of time.

4. Communication Disruption: Hijackers disable communication channels, such as web and email, which cripple an organization until it gets back online.

5. Domain Loss: Criminals steal valuable domain names.

How to protect your site
A company can greatly reduce the threat of a security breach by deploying a mix of the following techniques and processes:

Multi-layer architecture. Like a safe with multiple locks, using a system of different types of locks on the same domain greatly reduces the potential of a complete hijack.

Related: Don't Get Hacked -- Tools to Fight Cyber Attacks

Distributed systems and processes. Ensure that critical information is protected by making sure the keys and processes used to unlock, transfer, delete or redirect your domains are not being housed in one single system or with one group of individuals. Portions of the credentials, keys and authentication processes should be distributed among different groups and systems.

Isolated systems and processes. As an additional layer of security, parts of the system and processes should be isolated and completely disconnected from one another. Only authorized personnel should hold the keys. This prevents accidental leakage of information, which is usually the case with social engineering.

Encryption. Use the highest level of encryption to protect not only authorized domain credentials, but also the processes and systems supporting the domain.

Multi-factor authentication. Do not rely on only one form of authentication. Instead, use a mix of online and offline authentication methods to ensure that no unauthorized person with stolen credentials is able to unlock the domain control for transfer, deletion or name server redirection.

Ultimately, the only way to protect against hijacking is to manage domain names with the same level of security as other mission-critical corporate assets.

Related: How to Protect Your Apple Devices From Getting Hacked Right Now

David L. Brown has been working with small businesses to develop strong online-marketing presences since 1999. As chairman, CEO and president of Web.com, a small business online marketing solutions, Brown oversees the online presence of more than three million customers and is an advocate for small-business owners’ importance to the US economy. ” 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Side Hustle

The Remote Side Hustle a 43-Year-Old Musician Works on for 1 Hour a Day Earns Nearly $3,000 a Month: 'All From the Comfort of Home'

Sam Ziegler wanted to supplement his income as a professional drummer — then his tech skills and desire to help people came together.

Marketing

Ever Wonder Why Certain Websites Rank Higher Than Yours? This SEO Expert Reveals The Secret to Dominating Search Results

It's often the smart use of SEO, now supercharged with AI, particularly in keyword optimization.

Franchise

The Top Franchise Brands Growing Globally

While our main Fastest-Growing Franchises list focuses on North American growth, more and more brands are looking to grow worldwide. These are the 25 that had the greatest franchise growth outside the U.S. and Canada from July 2022 to July 2023.

Business News

AI Is Impacting Jobs. Here Are the Gigs Affected the Most, According to an Analysis of 5 Million Upwork Postings

The researcher said in the report that freelance jobs were analyzed first because that market will likely see AI's immediate impact.

Leadership

Former Interrogator Shares 5 Behaviors Liars Exhibit and How to Handle Them

Five deceptive behaviors to look for and how to respond to those behaviors when you encounter them.