Download: 

 

Domain Name System abuse (DNS abuse) is harmful online activity that can adversely impact websites and result in financial losses for businesses, not-for-profit organisations and consumers. auDA works to minimise DNS abuse in the .au domain. Only 0.03 per cent of .au domain names experience DNS abuse. The cases that do occur are almost always a result of hacked small business or not-for-profit websites with poor security. Below we set out what you can do to keep your website secure. 

What is DNS abuse? 

DNS abuse refers to five categories of malicious online activity that is carried out through the DNS:   

  • Botnets  
  • Malware (such as ransomware)  
  • Pharming  
  • Phishing   
  • Spam (where the spam is used to facilitate one of the other four categories). 

Small business and not-for-profit websites are most commonly affected by phishing and malware attacks. An example of DNS abuse is a ransomware attack, where malicious software encrypts your files and the cyber criminal demands a ransom payment in exchange for restoring access.   

Will I be notified if my website is compromised?  

auDA actively monitors daily threat feeds for suspicious registrations and conducts regular audits of newly created .au domain names. If DNS abuse is detected related to your .au domain name, you will be contacted by both auDA and your registrar/reseller via email, mobile phone or text message. For this reason, it is vital the contact details associated with your .au domain name registration are correct and up to date. You can check your details via the auDA WHOIS service and you can update them by contacting your registrar.    

What do I do if my website is compromised?  

If you are notified of DNS abuse related to your .au domain, you will be asked to take urgent action to rectify the issue. You should contact your web hosting provider or an IT professional to assist you as soon as you receive our notification.   

After 72 hours, auDA will check your website again for signs of DNS abuse. If the site remains compromised, we will contact you for a second time.

If the DNS abuse remains evident, we will suspend the .au domain name to minimise harm to other internet users. A suspended domain name means your website will be inaccessible to internet users. The website can be restored once the infected files have been removed. Following this, and to ensure it does not occur again, it is essential that you take regular steps to secure your website and prevent further issues.

Top tip:

When a domain name appears in daily DNS abuse threat feeds, service providers that subscribe to the feeds (e.g. Google), may block access to your website to protect internet users. Once the DNS abuse is rectified you will need to contact the DNS abuse threat feed provider to have your domain name removed from its list. auDA will provide you with the name of the provider to contact.  

How do I keep my website secure? 

The below steps will help keep your website secure:  

1. Regularly check your website security 

2. Secure your website  

  • Use unique passphrases, update them regularly and add an extra layer of security with multi-factor (MFA) authentication  
  • Update your Content Management System (CMS) to the latest version. You can check which CMS and the version your website uses with the WhatCMS tool    

3. Allow automatic updates to software and operating systems  

  • Ensure your website has a valid Secure Sockets Layer (SSL) certificate installed. This means your website is verified and that the information contained on it is encrypted. You can purchase an SSL certificate from an authorised certificate authority, usually as an annual subscription.  
  • Apply updates and security patches to your website 
  • Review and update your website plugins regularly 
  • Remove third-party integrations and permissions that are no longer in use 
  • Put in place a vulnerability scanner that automatically patches vulnerabilities  
  • Set up a web application firewall  
  • Backup your data regularly 
  • Speak to your web hosting provider or an IT professional if you need assistance. 

4. Consider .au for your website 

 

auDA is highly committed to DNS abuse mitigation and ensuring .au remains secure and trusted. We maintain strict .au Licensing Rules and undertake robust compliance activity to make the .au domain one of the most secure domains in the world. Read more about how auDA tackles DNS abuse in auDA’s Combatting DNS abuse in .au fact sheet.   

Should you need to get in touch with us, you can contact us via the enquiry form on the auDA website.  

 

Category: Fact sheets