You might have spotted that last week US communications company Comcast had its website redirected by hackers. Normal service has since been restored, but for several hours, people trying to visit comcast.net were met by a message from the hackers in question.
As the story has developed, it’s become clear that the hackers wrestled control of Comcast’s domain name by gaining access to the company’s registrar account. They then simply pointed the domain at their own website.
Exactly how they did this still seems to be unclear, but there’s an excellent chance it was down to some nifty social engineering, or simply guessing the right password for the account.
Whatever the exact method used in this case, it underlines the need to take real care with the username and password you use to log in and manage your domain name(s).
If you’re a 123-reg customer, we always assign you a strong password when you set up an account. These passwords can be tricky to remember, but that makes them tough for hackers to guess as well.
If you change yours to something different, make sure you stick with something hard to guess. You can find some good tips in our previous post about strong passwords.
The other key piece of advice is that you should never, ever, reveal your username and password to other people. Not even if, as in this example of social engineering, you’re offered a free pen in return.
- Read more about common domain name scams