We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is DNS Hijacking?

By G. Wiesen
Updated: May 16, 2024
Views: 6,919
Share

DNS hijacking is a process by which Internet users may be redirected to a different website than they are attempting to reach. The domain name system (DNS) is a set of protocols used to allow users to connect to various websites on the Internet. When a user types in a particular web address, a DNS server translates that address into an Internet protocol (IP) address and directs the user to the proper site. DNS hijacking changes this process, however, so that the user is directed to an IP address other than the proper one.

The way in which DNS hijacking occurs is based on how users on the Internet connect to websites. Most users go to a website by typing an address into a browser, or through a search engine that displays website addresses based on search results. When a user types in an address, such as www.wisegeek.com, then a DNS server receives this request, but Internet websites are not actually hosted on servers using these types of address names. IP addresses, which are unique and consist of a series of numbers, are used to organize and assign locations on the Internet for every website.

A DNS server translates the address typed by a user into the proper IP address, and then connects that user to the appropriate server for that website. DNS hijacking, however, occurs when a DNS server directs a user to a website other than the one that should be reached based on the typed address. This can be an especially dangerous type of attack when used by hackers, since the user may be completely unaware that he or she is not looking at the proper website. DNS hijacking effectively occurs “behind the scenes” of Internet navigation, and the user’s browser window is likely to display the correct name for the website.

When hackers use DNS hijacking to redirect users to a malicious version of a website, it is known as “pharming.” A compromised DNS server may, for example, receive a request by a user for www.pretendbank.com. Rather than sending the user to the actual bank website, however, it sends the user to a fake version of the site, often created to appear just like the real version. When the user attempts to enter his or her security information, the website logs that information, and then indicates to the user that the system is unavailable at the moment. This information can then be used to access the user’s actual bank account and perform fraudulent activity.

Some Internet service providers (ISPs) have also begun using DNS hijacking for less malicious purposes. These ISPs use “DNS redirecting” to send users to a particular page when an invalid web address is entered. Rather than displaying the standard screen for invalid sites, a page is displayed by the ISP that often includes advertisements for other services. While this is not necessarily malicious, many users have decried this practice as inherently dishonest and in violation of established Internet standards against DNS hijacking.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
Share
https://www.easytechjunkie.com/what-is-dns-hijacking.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.