You can be on Entrepreneur’s cover!

Hijacked! How to Stop Cybercriminals From Stealing Your Domain With Twitter, Google and other big-name companies under attack, no one is safe. Here is how to prevent your domain (and website) from getting hijacked.

By David L. Brown

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.


What if you were going to visit this article on only you weren't on the actual site? Instead, you unknowingly landed on a hijacked version of the site where criminals were stealing your personal information. This is known as domain hijacking -- or domain theft -- and it's one of the most prevalent threats facing businesses and consumers today.

In 2012, incidents of domain hijacking and related crimes – hacking, phishing and social engineering – increased by more than 42 percent, resulting in a $400 billion hit to the economy, according to security-software company Symantec. And it seems like hackers are just getting started. Several of the world's biggest brands including The U.S. Marines, The New York Times, Twitter, Google, The Huffington Post and – have fallen prey to domain hijacking, thereby putting millions of consumers at risk for identity theft, credit card fraud and other nightmarish situations.

However, the threat isn't contained to just big brands or large corporations. Any organization with significant traffic, a familiar brand, valuable intellectual property or a desirable domain name is a target.

While cybercriminals continue to strengthen and evolve the techniques they use to attack company websites, domain hijacking is preventable if you understand how it happens in the first place and how to protect your business.

Related: How to Protect Your Small Business Against a Cyber Attack

What is domain hijacking?
When a company's site is hijacked, the internet domain name is stolen from its legitimate owners and taken over by cybercriminals. The five most common ways that sites are hijacked are:

1. Pharming: A cybercriminal takes control of a site and posts objectionable content that can damage a company's reputation and turn away customers.

2. Phishing: Hijackers replicate a company's website and collect information like credit cards and social security numbers from consumers who think they're on the legitimate site.

3. Man-in-the-middle: An attacker reroutes a company's internet traffic through external hosts to monitor, capture or alter sensitive communications like system passwords and routing information. This type of breach is particularly virulent because it usually goes undetected for long periods of time.

4. Communication Disruption: Hijackers disable communication channels, such as web and email, which cripple an organization until it gets back online.

5. Domain Loss: Criminals steal valuable domain names.

How to protect your site
A company can greatly reduce the threat of a security breach by deploying a mix of the following techniques and processes:

Multi-layer architecture. Like a safe with multiple locks, using a system of different types of locks on the same domain greatly reduces the potential of a complete hijack.

Related: Don't Get Hacked -- Tools to Fight Cyber Attacks

Distributed systems and processes. Ensure that critical information is protected by making sure the keys and processes used to unlock, transfer, delete or redirect your domains are not being housed in one single system or with one group of individuals. Portions of the credentials, keys and authentication processes should be distributed among different groups and systems.

Isolated systems and processes. As an additional layer of security, parts of the system and processes should be isolated and completely disconnected from one another. Only authorized personnel should hold the keys. This prevents accidental leakage of information, which is usually the case with social engineering.

Encryption. Use the highest level of encryption to protect not only authorized domain credentials, but also the processes and systems supporting the domain.

Multi-factor authentication. Do not rely on only one form of authentication. Instead, use a mix of online and offline authentication methods to ensure that no unauthorized person with stolen credentials is able to unlock the domain control for transfer, deletion or name server redirection.

Ultimately, the only way to protect against hijacking is to manage domain names with the same level of security as other mission-critical corporate assets.

Related: How to Protect Your Apple Devices From Getting Hacked Right Now

David L. Brown has been working with small businesses to develop strong online-marketing presences since 1999. As chairman, CEO and president of, a small business online marketing solutions, Brown oversees the online presence of more than three million customers and is an advocate for small-business owners’ importance to the US economy. ” 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business News

Side Hustles Are Soaring as Entrepreneurs Start Businesses Working Part- or Full-Time Elsewhere, According to a New Report

The younger the entrepreneur, the more likely they were to start a business as a side hustle.

Side Hustle

This Insurance Agent Started a Side Hustle Inspired By Nostalgia for His Home State — Now It Earns Nearly $40,000 a Month

After moving to New York City, Danny Trejo started a business to stay in touch with his roots — literally.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Scrabble Makes First Change to Its Board in Over 75 Years

The new roll out is only available in Europe as of now.

Growing a Business

Want to Become an Industry Leader? Be a Guest on Podcasts — But Not the Ones You Think

If you are trying to promote your new product or service, there's a simple yet effective way to stand out from the rest.

Business News

CPI Report: Inflation Rose More Than Expected in March, Driven By Housing and Energy Costs

The average U.S. household is paying $227 more per month for goods compared to one year ago.