Despite the strong efforts of security vendors to convince the financial industry and many online stores, it is still apparent that these industries are unwilling to adopt the DNSSEC technology, a mechanism used to prevent fraud making it extra-challenging for fraudsters to fake legitimate websites.
DNSSEC, otherwise known as the DNS Security Extensions, effectively utilizes public-key based authentication and encryption that helps guard against attacks to the domain name caches, which was popularly highlighted in 2008 by Dan Kaminsky, a famous security researcher. He stated that this technology works primarily by building a strong chain of trust within a system.
These cryptographic checks are responsible for making it more difficult for the hackers’ machines to mask itself as the friendly and legitimate servers translating domain names into something understandable by the human user, such as ebay.com, into the number-based IP addresses that are used by the computers to recognize and talk to each other via networks.
These cryptographic checks could prevent hacking attempts to redirect the visitors of a website and bring them to a fake website cloned to look just like the real one. Online shoppers that are tricked into purchasing stuff from a cloned online shop could blindly give their financial details to these crooks instead of the genuine website.
Secure64, a DNS vendor, claims that it runs security checks in order to fully discover how many online and e-commerce companies has DNS vulnerabilities, additionally claiming that they discovered that none of the big names in e-commerce such as eBay and Amazon had DNSSEC implemented in their systems.