Domain hijacking

Domain hijacking or domain theft is the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems. ^[1]

This can be devastating to the original domain name holder, not only financially as they may have derived commercial income from a website hosted at the domain or conducted business through that domain's e-mail accounts, ^[2] but also in terms of readership and/or audience for non-profit or artistic web addresses. After a successful hijacking, the hijacker can use the domain name to facilitate other illegal activity such as phishing, where a website is replaced by an identical website that records private information such as log-in passwords, spam, or may distribute malware from the perceived "trusted" domain.^[3]

^ "Preventing Risks From Subdomain Takeover - Cloud Exploits". The Hack Report. 10 February 2021. Retrieved 14 April 2021.
^ Simon, Ruth (12 March 2015). "Cybercriminals Are Misappropriating Businesses' Web Addresses As a Result, Customers Can't Find the Real Companies on the Web". The Wall Street Journal. The Wall Street Journal. Retrieved 12 September 2016.
^ Weslow, David. "Dealing with cybersquatting: the wisdom of thinking ahead". TBO: Trademarks & Brands Online. Archived from the original on 31 March 2022. Retrieved 12 September 2016.

[1] "Preventing Risks From Subdomain Takeover - Cloud Exploits". The Hack Report. 10 February 2021. Retrieved 14 April 2021.

[2] Simon, Ruth (12 March 2015). "Cybercriminals Are Misappropriating Businesses' Web Addresses As a Result, Customers Can't Find the Real Companies on the Web". The Wall Street Journal. The Wall Street Journal. Retrieved 12 September 2016.

[3] Weslow, David. "Dealing with cybersquatting: the wisdom of thinking ahead". TBO: Trademarks & Brands Online. Archived from the original on 31 March 2022. Retrieved 12 September 2016.

[1]

[2]

[3]