Home > Security

Computerworld - Over the holidays, our state agency was very quiet, and I took a vacation, hoping for rest and tranquility. But I found that I had my own security issues to deal with.
I was surprised to find that one of my personal e-mail accounts was accumulating over 600 bounced messages per day. This account has been associated with my consulting business for years. I was somewhat alarmed to find out that my domain was being used by a spammer and that my "catch-all" e-mail account was accumulating the bounced messages. (If I hadn't created a catch-all account, I would never have known this was occurring.)
I thought that perhaps my domain had been hijacked and was being used for malicious purposes. I quickly visited my personal Web site; everything looked fine.
I opened several of the bounced messages and inspected the headers. The spammer had used a fictitious e-mail address for my domain in the "Reply To" field (for example, horror@mydomain.com). Some messages had the original message intact, so I could tell that the spam was annoying but not pornographic or a phishing scam. I was grateful for that much. Most of the messages were of the "News Alert!" genre, with "advice" about purchasing a particular type of stock.
I wanted to better understand and resolve these issues:

• What is domain hijacking?


• How could my domain e-mail be used by spammers?


• How can I prevent this?


• Is my domain now blacklisted, and what can I do to "unlist" it?

Domain hijacking usually occurs when someone forgets to renew his domain registration, which then becomes available for purchase. Someone else buys it and begins to use it for a new Web site. Though this isn't illegal, imagine waking up one day to find that your Web site is no longer yours and is filled with undesirable content. Setting up automatic renewal with the registrant for your domain can prevent this from happening.
Domain theft is more serious and involves forging a domain registrant's credentials to make changes to the DNS settings, taking control of the domain. In July 2005, the Internet Corporation for Assigned Names and Numbers issued a report titled "Domain Name Hijacking: Incidents, Threats, Risks, and Remedial Actions." It describes actual incidents and makes recommendations to prevent similar ones. Taking a cue from the report, I checked with my registrar and found that my personal information, such as my home address, was listed. I then changed my profile to make my personal information private. There's a small fee for this, but it's well