DNS Hijacking: How to Diagnose a DNS Hijack and Stop It
DNS hijacking sounds scary, but understanding the risks and installing a VPN are effective countermeasures to ensure your security online. In today’s guide, we’ll teach you everything you need to know about DNS hijacking attacks, and how to fix the problem if it arises.
The internet is a complicated machine with countless working parts. Servers make data requests, hosts and clients communicate back and forth, ISPs coordinate traffic, and ultimately it all comes together to display a webpage in your browser.
Domain Name Servers (DNS) constitute another technology that sits inside the deeper workings of the internet. When DNS does its job you’ll never know it exists. But if it doesn’t, you can’t even load a website. Worse still, a DNS hijacking attack can trick you into giving away your private information and you won’t even realize it. We’ll teach you everything you need to know to stay safe, so read on!
How DNS Works
When you strip it down to its basics, the internet is essentially groups of computers sending messages back and forth to each other. You make a request for a website to display in your browser, your computer relays that request through a service provider, the ISP bounces it to remote servers to fulfill the request, and the path is reversed. We communicate using words and phrases, but computers are partial to numbers. Because those two worlds aren’t always compatible, DNS servers help bridge the gap.
Domain Name Servers sit between you and the internet and work like a translator for site URLs. We like using letters for our domain names, such as addictivetips.com or google.com. It’s easier for computers to store and retrieve that information as numbers, however. Type addictivetips.com into a browser bar and your computer sends that request to your ISP. The ISP uses its DNS servers to look up the name reference in a massive database, then translate the typed URL into an IP address. It all happens in a fraction of a second, but if DNS didn’t exist, the internet would grind to a halt.
DNS Hijacking – ISPs and Hackers
DNS servers are the first point of contact between your devices and the internet. They relay everything you request and are counted on to be fast and accurate. It’s unsettlingly common for hackers and ISPs to abuse this system by changing the lookup addresses for certain sites. You might type facebook.com into your browser, but if the DNS tables are rigged by a hijacker, you won’t be forwarded to the actual facebook.com.
The most common type of DNS hijack occurs when someone gains access to your computer through a virus or malware. These programs can change the default DNS servers on your device to a fake service, redirecting every URL to a different site. Data snoopers can also sit on the same Wi-Fi network as you and intercept requests as they’re made. Public hotspots in areas frequented by tourists are one of the main stalking grounds for these data thieves, which is why you should take extra precautions to keep your devices safe when traveling.
Some common DNS hijacking attacks include:
- Phishing scams where the target site is replaced with an entirely different website that looks and acts like the original.
- Data scraping sites that mimic banking or online shopping sites and try to get login details.
- So-called “soft” hijacking where an ISP redirects traffic to gain ad revenue. These can be innocent redirects in the case of mistyped URLs, or they can be malicious.
- DNS spoofing by governments to censor data by blocking or redirecting DNS requests.
- Pharming efforts that replace common websites with sites covered in advertisements.
The dangers of DNS hijacking are obvious, but the reason they’re so powerful is because users rarely realize they’ve been redirected. Fake websites can perfectly mirror the look and feel of your intended destination, and before you know it, you’ve given your Amazon password to a hacker. Fortunately, there are some highly effective measures you can take to prevent DNS hijacking of all types.
Stop DNS Hijacking with a VPN
A surprisingly powerful method of putting a stop to DNS hijacking attempts is to use a trusted and reliable virtual private network. VPN services are in the business of making the online world safe and secure for all users. They work by creating a private tunnel between your device and the internet, encrypting all traffic that leaves your computer so it can’t be read by prying eyes. This data is sent to the VPN’s network of servers on your behalf, which helps to keep your identity anonymous, as well.
VPN providers use their own DNS servers to create a portal to the web, which takes the place of your local ISP’s DNS. VPNs are actively invested in maintaining fast, accurate DNS lookups, which in and of itself cuts down on hijacking attempts. As long as you’re using a well-regarded VPN service, you’re less likely to encounter a DNS hijacking attempt than without a VPN.
LEARN MORE: What exactly does a VPN hide?
If you’re not sure which VPN is the best for staying safe online, we’ve made the process a little easier for you. Below are the top criteria we use to evaluate our recommended VPN services. Each one ensures you get a fast, private, and secure VPN experience without any of the hassle.
- Logging policy – The core of a good VPN rests upon its logging policies. All of your traffic passes through their servers, and if those details are kept in a log, third parties could get access to it. If no logs exist, your data can’t be taken.
- Software availability – If you can’t run the VPN’s software on your device, it won’t be able to take advantage of the encryption and reliable DNS servers. The best VPN providers have custom solutions for all modern devices, including tablets and smartphones.
- Speed – Encryption overhead can reduce a VPN’s speed significantly, causing both slowdown and lag. The best providers have effective workarounds that keep your downloads fast and uninterrupted.
- Server network – More servers means more options when it comes to choosing a virtual location. You’ll also be able to find low-lag servers when you need them.
- File and traffic restrictions – Some VPNs are known to block P2P networks and torrents as well as restrict bandwidth usage. If you want completely free and unlimited access to the internet, you need a VPN that doesn’t monitor your traffic in any way, shape, or form.
1. ExpressVPN
ExpressVPN is one of the easiest-to-use VPNs on the market. All custom software offered by the company is built around convenience, giving you the tools you need to manage your VPN connection without having to navigate through a ton of menu screens. This is especially handy when you start utilizing ExpressVPN’s massive network of 3,000+ servers in 94 different countries. Need a faster server in Europe? You’ve got plenty of choices, and switching is just a few taps away.
Privacy is high on ExpressVPN’s priority list, as well. All traffic is protected by tough 256-bit AES encryption and a no-exceptions zero-traffic logging policy, both of which work to keep your data unreadable and unavailable to prying eyes. There’s also no-fuss DNS leak protection and an automatic kill switch on several versions of its software, ensuring your location and identity remain safe and secure.
More of ExpressVPN’s best features include consistent access to Netflix streams, even though many VPNs are actively blocked by the service; built-in speed tests to ensure you can always find the fastest connection possible; and unlimited bandwidth and no restrictions on P2P or torrent traffic.
Read our full ExpressVPN review.
- Unblocking Netflix USA, iPlayer, Amazon Prime
- Super fast, reliable connection
- Secure encryption & VPN protocols
- Strict no-logging policy
- Live Chat Support.
- Month-to-month plan has high cost.
2. NordVPN
Interested in one of the fastest VPNs on the market? Put NordVPN at the top of your list. The company operates a network of over 5,600+ servers in 60 different countries, the largest in the industry. That number grows on a weekly basis, too, as NordVPN is constantly working to expand and improve its offerings to customers around the world. These servers deliver amazing speeds with almost zero latency, ensuring you always have the right connection in the right place, no matter where you travel.
A unique benefit of having so many servers is that NordVPN can offer specialized services on select nodes. Need extra security for sensitive tasks? Connect to a Double Encryption server for 2048-bit protection. Need added anonymity or protection against DDoS attacks while gaming? NordVPN has servers for that, too! All these features are available with every NordVPN plan; all you have to do is switch to the right server and you’re good to go.
More of NordVPN’s best features include a completely private connection that delivers reliable access even in censorship heavy areas like China, Russia, and the Middle East, plus a thorough zero-logging policy that covers traffic, time stamps, bandwidth, and IP address logs. NordVPN is also one of the few VPNs that maintains reliable access to Netflix.
Read our full NordVPN review.
- Optimized servers for unblocking Netflix
- No bandwidth caps
- Zero leaks: IP/DNS/WebRTC
- No logs and encrypted connections for total privacy
- Live Chat Support.
- Some servers can be slow and unreliable
- Sometimes slow in procesing refunds (but always do).
3. PureVPN
PureVPN has some of the best DNS hijacking protection features of any VPN service. The usual perks of a virtual private network are there, including a network of over 750 servers in 141 countries, 256-bit AES encryption, DNS leak protection, and zero traffic logs. Going a step beyond that, PureVPN also offers built-in anti-virus protection, web and content filtering, an ad blocker, and incredibly reliable protection against malware, botnets, and spyware. It’s an all-in-one security suite for total online privacy and safety, making it one of the best VPNs to prevent DNS hijacking.
PureVPN’s features at a glance include excellent custom apps for modern operating systems, including smartphones, tablets, PCs, and more; a self-owned network of servers for enhanced privacy and security; unlimited bandwidth and no restriction on P2P or torrent traffic.
Read our full PureVPN review.
4. IPVanish
Need to stay hidden online? IPVanish has the tools you need. The company focuses on incredible privacy and security features while delivering lightning-fast speeds around the world. It starts with a network of over 1300 servers in 60 different countries, one of the largest in the VPN marketplace. It’s enough variety that you’ll always find the location and connection quality you need no matter where you live. You’ll also gain access to IPVanish’s 40,000 shared IP addresses for added anonymity.
On the privacy side of things, IPVanish uses strong 256-bit AES encryption on all transfers, backing that up with zero traffic logs, DNS leak protection, and an automatic kill switch. These features are perfect for keeping your location hidden online, and they also provide convenient leverage to break through firewalls and access censored content.
Other excellent features from IPVanish include the ability to download torrents with full privacy and anonymity, keeping you safe from ISP warning messages and copyright infringement notices. It offers smartly designed and lightweight apps for all major operating systems, smartphones, and mobile devices, and boasts fast and secure servers allow for incredible HD video streams through Kodi.
Read our full IPVanish review.
5. VyprVPN
VyprVPN has incredible privacy features that go above and beyond standard VPN efforts. The most unique is their Chameleon technology, a protocol that helps defeat deep packet inspection (DPI) by wrapping metadata in an extra layer of security. This allows you to thwart ISP throttling efforts and break through firewalls in places like China, Turkey, and the Middle East. Your online freedom and privacy is stronger than ever with VyprVPN in place, and you don’t even have to lift a finger to make it happen.
Another fantastic feature of the VyprVPN experience is the fact that the company owns and operates its entire network of servers, over 700 in 70 different countries. This keeps third parties out of the picture entirely, allowing this provider to handle all of the upgrades, maintenance, hardware and software customizations themselves. If you want to make sure your information stays safe no matter what, VyprVPN is definitely the choice for you.
VyprVPN also includes support for a wide variety of operating systems, including desktops, Android, and iOS smartphones; unlimited bandwidth and no restriction on P2P traffic or torrent downloads; plus a strict zero-logging policy that covers both traffic and DNS request logs.
Read our full VyprVPN review.
Stop DNS Hijacking with a Third-Party DNS
Using a VPN automatically gives you access to a new set of DNS servers. You can also manually change which DNS servers your device accesses, switching them from your local service provider to a trusted third party. This can help create a faster and safer online environment for your entire home network, as well as give you the ability to protect users from objectionable content.
There are two basic types of third-party DNS services: paid and free. Paid services deliver a lot of extra features, such as configurable web filters and aggressive phishing and pharming protection. Free services can be hit or miss, often delivering incredibly reliable DNS results but occasionally falling through with bad service. Choose your alternative DNS carefully, as they will end up being in control of your entire internet experience.
- We’ve selected a few excellent free and paid third-party DNS services you can use to protect against DNS hijacking and phishing scams. If you need help making these changes, check out our full guide on how to change your DNS settings.
- OpenNIC Project – An open and democratic alternative DNS provider that’s completely free to use. Privacy advocates consistently list OpenNIC as their favorite DNS service. You can even contribute to the project by hosting your own node!
- OpenDNS – A popular alternative DNS provider with both free and paid services. The basic package offers safe and reliable DNS server access that filters out phishing and pharming websites by default. The paid version delivers powerful filtering features that help you protect your children from harmful content.
- Google Public DNS – Google’s free DNS service that’s open for the public to use. They promise extremely fast speeds and accurate look-ups, all with two easy to remember addresses.
- Norton ConnectSafe – A paid DNS service operated by the digital security giant Norton. Offers several different plans geared towards safety and security, with several options for web filtering that may be useful to parents.
Use Antivirus Software to Protect against DNS Hijacking
A common method of both DNS hijacking delivery is to place a hidden piece of malware on the target’s computer and use that to alter the default DNS server information. This type of malware often goes undetected, as virus authors design them to be subtle, yet they can cause massive data leaks if not discovered and eradicated.
RELATED READING: How to recognize malware links
The best defense against this type of malware is to avoid suspicious websites. That’s not 100% effective, of course, so make sure you use a good anti-virus program no matter which operating system you run. Most device manufacturers include basic malware protection software out of the box. Windows Defender is a good example of this. If you need some suggestions, check out our recommended anti-virus programs for iOS. Keep these programs actively monitoring at all times, and don’t forget to occasionally run a scan just in case something slipped by.
Conclusion
Hopefully, we’ve been able to demystify DNS hijacking for you with this article, giving you the knowledge you need to take back control of your cybersecurity. Towards that end, we’ve provided you with rundowns for the top VPNs on the market, each proven to bolster your privacy online.
What do you think of our recommendations? Do you have any other tips for our readers? Leave a comment below!
If you need a VPN for a short while when traveling for example, you can get our top ranked VPN free of charge. NordVPN includes a 30-day money-back guarantee. You will need to pay for the subscription, that’s a fact, but it allows full access for 30 days and then you cancel for a full refund. Their no-questions-asked cancellation policy lives up to its name.
