Security is especially important when you have a domain name.
Recently, more and more domain investors’ accounts have been attacked by hackers and their domains were irreversibly stolen. Of course, at last these accounts will be retrieved, while valuable domains have been transferred. And it is always too late when they finally realize the catastrophe.
Many people take it for granted that their domains are safe, however, is that true? Or, maybe in fact, they are on the way of being stolen?
So the first thing you shall do is to understand the hackers’ attacks approaches and then review your online habits for protecting your domains.
1. Who is Your Enemy?
Dictionary Attack
Simply to interpreter this, hackers have a list of commonly used passwords, let's call it "password dictionary", they try each password until it matches automatically by a software. Even though many popular sites could identify and prevent repeated password trying behavior, there are still many sites which don't have this function. Many people use the same one or two passwords in different sites. The hacker would perform "dictionary attack" in these unsafe websites to get the password and then hijack other more valuable accounts.
Phishing Email
E-mail is anonymous and not verified. The most obvious problem is that the address user sees and the actual address where user locates can be completely different! How to identify phishing emails?
1.1 The URL is usually gibberish. The page could be disguised, however the website address not.
1.2 Phishing emails disguise to microsoft.com and it tends to create a domain such as microsoft.maliciousdomianname.com. Please pay attention that Microsoft.com at the end of the full domain name is the correct address!
1.3 Email demands of personal information, like asking to input account and password for verification and update.
2. How to Protect Our Accounts?
2.1 Fill in valid information when registering;
2.2 Use safe Email when registering;
What kind of email mailbox is safe? In short, even though the passwords are disclosed, the attacker still can't enter the user's E-mail. Now, Email, such as Gmail and Hotmail, has the function of two-step validation, which is safer.
2.3 Bind mobile phone validator;
2.4 Ensure the safety of the account & password;
Set a at least eight-word password which is exclusive and includes capital and small letter. Besides, the Dislocation input method is another way to avoid the disclose resulting from Trojan Horses.
2.5 Lock the domain name;
2.6 Turn on Whois privacy protect service;
2.7 Check your account constantly;
2.8 Be careful of suspicious emails.
Recently, more and more domain investors’ accounts have been attacked by hackers and their domains were irreversibly stolen. Of course, at last these accounts will be retrieved, while valuable domains have been transferred. And it is always too late when they finally realize the catastrophe.
Many people take it for granted that their domains are safe, however, is that true? Or, maybe in fact, they are on the way of being stolen?
So the first thing you shall do is to understand the hackers’ attacks approaches and then review your online habits for protecting your domains.
1. Who is Your Enemy?
Dictionary Attack
Simply to interpreter this, hackers have a list of commonly used passwords, let's call it "password dictionary", they try each password until it matches automatically by a software. Even though many popular sites could identify and prevent repeated password trying behavior, there are still many sites which don't have this function. Many people use the same one or two passwords in different sites. The hacker would perform "dictionary attack" in these unsafe websites to get the password and then hijack other more valuable accounts.
Phishing Email
E-mail is anonymous and not verified. The most obvious problem is that the address user sees and the actual address where user locates can be completely different! How to identify phishing emails?
1.1 The URL is usually gibberish. The page could be disguised, however the website address not.
1.2 Phishing emails disguise to microsoft.com and it tends to create a domain such as microsoft.maliciousdomianname.com. Please pay attention that Microsoft.com at the end of the full domain name is the correct address!
1.3 Email demands of personal information, like asking to input account and password for verification and update.
2. How to Protect Our Accounts?
2.1 Fill in valid information when registering;
2.2 Use safe Email when registering;
What kind of email mailbox is safe? In short, even though the passwords are disclosed, the attacker still can't enter the user's E-mail. Now, Email, such as Gmail and Hotmail, has the function of two-step validation, which is safer.
2.3 Bind mobile phone validator;
2.4 Ensure the safety of the account & password;
Set a at least eight-word password which is exclusive and includes capital and small letter. Besides, the Dislocation input method is another way to avoid the disclose resulting from Trojan Horses.
2.5 Lock the domain name;
2.6 Turn on Whois privacy protect service;
2.7 Check your account constantly;
2.8 Be careful of suspicious emails.
