In recent weeks, multiple businesses have had their Web sites redirected to be under the control of a malicious user. The intent of these hacks can include the redirection and capture of all company email to a rogue server, or to simply cause embarrassment to the company being affected. The problem was that the malicious user was able to get administrative control of the account that allowed changes to be made to the DNS records for the company involved. Some of these companies have reported they believe the account access was obtained by a phishing attack against a person in the company that had the account credentials to make changes. In other situations, the attack was against the domain registrar themselves.
Companies can protect themselves from this type of attack by “locking” their domain with the registrar. There are two levels of locks that can and should be enabled. There is a lock between the owner of the site and the domain registrar and there is a lock between the registrar and ICANN. To be truly safe, both levels of locks should be put in place.