Protecting and Securing your Domain Name
Date: 15 December 2014
CCIRC, in collaboration with the Canadian Internet Registration Authority (CIRA), has developed this Information Note to provide best practices and advice on securing your domain.
Having a domain is an integral part of business today and care should be taken to protect it. Malicious attackers may be interested in your domain for a variety of reasons and CCIRC has recently observed a number of attacks using Domain Name System (DNS) & domain hijacking, and cybersquatting.
DNS & Domain Hijacking
Domain hijacking occurs when the registration of a domain name is changed without the permission of the owner. Attackers can use personal information obtained through social engineering to impersonate and then persuade the domain registrar to change DNS information or transfer the domain to another registrant. This can lead to visitors who are intending to visit your website are instead being delivered to content controlled by the malicious actor. Examples of this malicious content can include credential phishing, malware delivery, and brand/website defacement.
Another reason for attackers to hijack DNS and domain information could be to take control of the domain and associated email addresses in order to monitor traffic and capture data. Analysis of captured traffic could provide a malicious actor with sensitive information, including usernames and passwords. The malicious attackers could also submit and intercept password reset requests from cloud applications to hijack personal accounts.