Phishing attacks targeted at retail registrars are nothing new. But are malware attacks geared towards the managers of corporate domain portfolios the next likely target? After all, wouldn’t the fastest, most effective way to redirect website traffic be to update name servers, and/or DNS settings for a popular site?
One likely scenario might be an instance where malware is downloaded from a seemingly harmless site (a site with domain rules and requirements for instance), and a keystroke logger is used to track logins and passwords for corporate domain name management portals. With this credential information, fraudsters could unlock and hijack domains, update name servers, or even change DNS settings – all which could potentially result in the downtime of a site, or even the proliferation of more malware to unsuspecting website visitors.
One approach for thwarting these types of attacks is to restrict domain portal access by IP address. By doing so, only portal requests originating from a specified network would be allowed to login, update and modify domains.
Making domains uneditable from within the portal, and requiring special high-security protocols for any change is another method for ensuring that valuable domains can not be updated or modified by fraudsters.
Because the sophistication of malware attacks continues to grow, domain portfolio administrators should work with their domain registrars to ensure that the tightest security measures are in place to protect online presences.