Security around company domain names is usually fairly basic and underrated, and in some situations domains are very easy to compromise. In this article we discuss a few of the methods we’ve discovered over the past year, to help other clients avoid losing out.
The most common method is a hacker obtaining or guessing your username and password for a domain reseller. Once a hacker has access to your account they can change the DNS settings or name servers, or even change the domain ownership.
Make sure your domain password is unique and not easy to guess, and that your registrar has good website security. We’ve seen a number of large UK-based domain registrars with very basic website security, where the user’s session is still active even after they click log out.
Keep an eye on your domain expiry dates, especially on domains that aren’t your main domain. We’ve recently seen customers’ domains expire and fall into the hands of competitors or hackers just because the client ignored the renewal emails.
A less common method, but again one we’ve seen in the past months, involves a hacker contacting a domain registrar by telephone or email and pretending to be the end customer. Some registrars will ask only basic security questions, such as the payment method or information that’s publicly available on the whois.
Ask your domain registrar what security methods they use for validation or, better still, spend five minutes calling their customer support number to see what questions you get asked.
Another instance we’ve seen recently is hackers taking advantage of incorrect information on the whois database. This can be an incorrect email address, domain registrant or name server.
A large client of ours had a hacker identify that one of the name servers on their domain was listed incorrectly. The hacker then registered the misspelled domain and set up a name server redirecting all traffic to their own web site to collect advertising revenue. It was an unfortunate problem in which the customer lost a third of their traffic for 24 hours.
How to avoid these incidents
A benefit of working with a small company like Nimbus is that we have a much smaller customer database and know customers personally. We can spot unusual activity on a customer’s account and react very quickly to resolve a problem should anything arise. We also run regular scripts that monitor our customers’ domains to make sure they are working and the information is correct.
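The kind of check a domain monitoring script can make, shown as an added example that is not Nimbus's own code: it compares each domain's listed name servers with the expected set, flags near-miss spellings like the one in the incident above, and warns on approaching expiry. The domains, dates, severity labels and function names are constructed for illustration, and a real script would fill the records from whois or DNS lookups.

```python
from datetime import date
from difflib import get_close_matches

def normalise(host):
    """Lower-case and drop the trailing dot so comparisons are exact."""
    return host.strip().lower().rstrip(".")

def audit_domain(record, expected_ns, today, warn_days=60):
    """Return (severity, message) findings for one domain record."""
    findings = []
    expected = {normalise(h) for h in expected_ns}
    observed = {normalise(h) for h in record["name_servers"]}
    for ns in sorted(observed - expected):
        # A near-miss of an expected host is the misspelled-name-server case.
        near = get_close_matches(ns, sorted(expected), n=1, cutoff=0.85)
        if near:
            findings.append(("high", f"{ns} looks like a misspelling of {near[0]}"))
        else:
            findings.append(("medium", f"{ns} is not an expected name server"))
    for ns in sorted(expected - observed):
        findings.append(("medium", f"expected name server {ns} is missing"))
    days_left = (record["expires"] - today).days
    if days_left < 0:
        findings.append(("high", f"registration expired {-days_left} days ago"))
    elif days_left <= warn_days:
        findings.append(("medium", f"registration expires in {days_left} days"))
    return findings

# Constructed sample data (hypothetical domains, not real customer records).
EXPECTED_NS = ["ns1.dns-host.example", "ns2.dns-host.example"]
RECORDS = [
    {"domain": "shop.example", "expires": date(2030, 1, 10),
     "name_servers": ["NS1.dns-host.example.", "ns2.dns-hots.example"]},
    {"domain": "brand-alias.example", "expires": date(2025, 3, 1),
     "name_servers": ["ns1.dns-host.example", "ns2.dns-host.example"]},
]

def run_audit(today=date(2025, 2, 1)):
    """Audit every constructed record and key the findings by domain."""
    return {r["domain"]: audit_domain(r, EXPECTED_NS, today) for r in RECORDS}

if __name__ == "__main__":
    for domain, findings in run_audit().items():
        for severity, message in findings:
            print(f"{domain}: [{severity}] {message}")
```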
Starting in May this year you’ll be able to register and renew the majority of domains for up to 10 years. Consider asking your registrar for a discount for a longer period to avoid your domain expiring.
Some customers prefer to keep their domains and hosting separate, although we believe the opposite is better. If you keep your domain and hosting together you have a single point of contact should anything go wrong. If a problem does happen it can be quickly resolved, as there’s no need to relay information to a third party.