I recently wrote an article about DNS that you can read by clicking here. That will give you a fair idea about DNS. Today I am talking about DNS Hijacking which is an online threat, and you must tighten your security to stay safe.
DNS Hijacking is a malicious attack that is used to redirect the web traffic to the websites that you have never requested. That means if your computer’s DNS is hijacked, you might be redirected to some fake or other sites while accessing different sites. For example, if you are opening Google.com by typing it into your browser’s address bar, you might be directed to some fake site or sites with full of ads.
Hackers do this either to steal your personal information or generate clicks on their ads. We will discuss these later in this post.
Hackers or attackers use malicious software, i.e. malware to override your computer’s TCP/IP settings that include DNS settings as well.
Every website on the internet is hosted somewhere, generally on a server and each server has its own IP address which corresponds to its location. That means, if a website is hosted on a dedicated server, it will have a unique IP address. If you enter that IP address into your browser’s address bar, you will be taken to that website. But, we are humans, and we cannot remember IP address of websites. That is where DNS comes into use which matches the domain names with their corresponding IP address. For example, when you try opening google.com, DNS system does its job and matches this domain name with its IP address, and then the website is presented to you in your browser. These all have to be done because computer understands IP addresses, and humans can remember domain names. Thus, to map the IP addresses to specific domain names, DNS was created.
Photo Credit: Kaspersky
Now, when your computer’s DNS setting is hijacked or changed, you probably end up visiting completely different websites than what you have requested because your computer will be talking to wrong DNS server.
DNS Hijacking can affect you in several ways if your DNS is hijacked. Let’s talk about them.
. This is a kind of spamming as well. Once your DNS is hijacked, even if you open some legitimate site, you will be redirected to some fake sites filled with a lot of ads. People behind these activities earn a lot from those ads.
When this happens, you get nothing but annoyance. And, also you won’t be able to access most of the websites that you want to open because they will be redirected to those fake sites filled with ads. The worst thing is, those ads are also of some crap tools, software or other fake sites with Trojans, malware, and viruses.
For example, some attackers might create a fake webpage that exactly looks like your bank’s login page. When they hijack your DNS, they make you redirect to their fake site instead of the real bank site. And, you just enter your credentials and hit enter. Nothing will happen because that is the fake site but those credentials that you entered are sent to the attacker. That is why I always advise everyone to check the website URL because the fake page can look like your bank’s login page or any real site but they cannot change the URL. So, you can easily figure out whether that page is fake or real by looking at the URL in the browser’s address bar.
If you try visiting a website that is blocked by the government, you might be redirected to some other website that is approved. These are done without your knowledge.
Many ISP does DNS hijacking so that when you visit a non-existent website, you will be redirected to a search engine or collection of links. ISPs do this to increase their revenue, but they say that they do it for better user experience.
You can opt out for ISP hijacking. If there is any problem, you must use an alternative DNS server.
There are many ways you can do to protect your computer from DNS Hijacking, and they being:
- Always keep your router’s firmware updated. Most Importantly use a good router.
- Change your router’s password if you are using the default one.
- Use VPN while accessing the internet to hide your DNS requests. Though VPN is great to use, there are many other ways to map the IP address while you surf the internet. This helps you hide your actual IP address on the internet that adds more security to you. When your actual IP is exposed, there are many ways, attackers can hack into your system and make changes without your knowledge, and DNS Hijacking is one of the popular activities done in which your DNS settings are overridden. So, do use VPN or other ways to map your IP address.
- Install a good Antivirus and Internet security tool on your computer.
- Don’t click on malicious links because hackers most of the time trick users to click on such malicious link which installs Trojan or Malware on your computer without your knowledge, and your DNS setting can be altered using that. Thus, always be careful while clicking any links.
- Try using third Party DNS than using your ISP’s default DNS. You can read about changing DNS on your Windows computer by clicking here.
DNS plays a very important role on your computer when you access the internet. Thus, it is utmost important that you keep your DNS settings safe from DNS hijackers. I have shared the tips on how you can stay safe from it.
If you have any questions or suggestions about this topic, do let me know. I will try my best to respond to your queries.