As the world’s biggest domain registrar, GoDaddy is in a vulnerable position when it comes to security issues, so it’s a bitter blow for the business that they have been the subject of another cyberattack, damaging their reputation.
Vishing Scam
It seems the latest attack comes as a result of a ‘vishing’ or voice spear-phishing scam, where employees were targeted by hackers, who called them by telephone and pretended to be a trusted person, possibly the legitimate owner of the domain. Once a hacker has control of a domain name, they’re in a powerful situation as they can then send emails from the domain and it is very hard to notice a cyberattack has taken place. By directing the domain’s email service to a different email platform, they can then take control of communications and use this to reset passwords to get access to sensitive information held by third-party services.
Vishers Targeting Employees
Vishing is a very complex scam as the hackers have to do a lot of research into the employees. They can get this information from social media accounts, but they also need to be able to speak to the employees in their native language and be successful in convincing them that they are the person they claim to be. Because of the size of GoDaddy, it makes their employees particularly vulnerable to targeted attacks like this. The lower-level members of staff who have access to privileged information are most likely to be targeted.
Employee Training
To stop cyber criminals gaining access, there needs to be a zero trust principle which states that before there is any connectivity, a user should be authenticated and access should be validated. If the employees at GoDaddy had more regular ongoing training in social engineering and phishing strategies, it’s likely that they would have been more aware of the threat and wouldn’t have handed over control.
Do your research
If you’re looking to buy a domain name, you can read more about how this cyberattack took place and the implications of it in CPO Magazine. There are many providers of domain names, such as https://www.names.co.uk/domain-names, who are less vulnerable to cyberattack because they are not as big as GoDaddy.
Think carefully before you arrange your domain. The provider should have robust security measures in place to reduce the risks of cyberattack.