Domain name hacked to get customers' payment details
Hackers seized the bank's domain name, and for six hours everyone that typed the name into their browser found themselves on a convincing replica of the bank's website. The fake site was set up to get customers to part with payment data. It isn't known how many people were affected. What's crystal clear is that the hack could have been prevented.
Changing the internet signpost
A domain name acts as a signpost to a website. When a hacker changes the technical information linked to a domain name (its 'DNS record'), it's like making the signpost point the wrong way. So people who try to reach the site end up where the hackers send them. Then all the security on the real site counts for nothing, because the customer is dealing with a fake. And it's much harder to get warnings out to customers, because the people who have taken control of the domain name can also disable mail to and from the domain.
Securing domain name data with .nl Control
Clearly, it's very important that the procedure for changing a domain name's DNS record is secure. The best approach is to apply the 'double authorisation' principle. With .nl, that's been possible for some time now, through the .nl Control service. If a domain name is registered for .nl Control, the data linked to it can't be changed until we've had authorisation from the company itself. So it's virtually impossible for a hacker to get the data changed. Similar services are available for many other top-level domains. They are generally known as 'registry lock' services.
Various safeguards are used to make sure that registry lock services are made available only to legitimate subscribers. The applicant's identity is carefully verified and their authority to act for the company is checked. For anyone with a valuable domain name that's attractive to hackers, a registry lock service is certainly worth considering.
Want to know more?
If you're interested in maximising the security of your domain name, take a look at .nl Control.