Understanding and Preventing Domain Hijacking

Domain hijacking can be painful if you are browsing the Web and especially bad if you are the site owner. This article will cover in a bit of detail what domain hijacking is exactly, as well as tips to prevent and even reverse a hijacking.

What Is Domain Hijacking?

To understand domain hijacking, you must have a simple understanding of what DNS is. DNS is also referred to as a “Domain Name System,” and it acts as an address book of sorts for the Web. When you type a web address into an address bar, the browser sends a request to the DNS which then matches the URL to an IP address. After that, the content you requested is loaded. This all follows through your Internet service provider.


At the most basic level, domain hijacking is the redirection of a DNS query to another address. Sometimes these redirected addresses may be entirely different in looks from the intended site of visitation, and other times it may look just like the site you intended to visit in hopes that you, the user, will unknowingly enter personal information into the site.


Tips to Avoid Domain Hijacking

First and perhaps foremost, download a reliable piece of anti-malware software. There is a chance that if domain hijacking happens, it is not that the domain is compromised across the entire Web, but rather that malware on your own machine is causing your DNS entries to redirect to phishing and malicious sites. Malwarebytes is a free program that is trusted as one of the best options out there for keeping your Mac or PC clean.

Choose a registrar that is established and not easily thwarted. If the provider is unheard of, chances are that it is not the most reliable and trustworthy option. Do your due diligence and do not be afraid to pay a few extra pennies a year for a higher level of security.

Use a strong password and two-factor authentication. It seems elementary, but it is often overlooked. Taking the time to consider a strong password that is not shared anywhere else may be the difference between having your site overtaken and not.


How to Recover a Hijacked Domain

If it is your domain that has become hijacked, you will want to start by contacting the domain registrar. This could be Google, GoDaddy, or any provider that actually issued the web address to you. Again, choosing a reliable registrar could mitigate this trouble before it happens.

As was mentioned earlier, do take a second to try to access the site on multiple machines (and therefore multiple IP addresses). It is possible that the issue is internal and not server-based.

Change any and all passwords pertaining to your URL and web accounts. This will prevent the hacker from being able to take back control. These password settings can be found within the registrar dashboard.


Navigating the Internet in a safe way and protecting your domains can sometimes be far from easy. But, with a few precautions, keeping your data and users’ data safe is very much within reach.

Corbin Telligman
Corbin Telligman

I'm a junior at UT Dallas, a tech enthusiast, an adreneline junkie, and a coffee fanatic.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox