I recall a blog post where an attacker got access to the blogger's domain through a social engineering attack on the registrar, and subsequently got access to their emails.
I'm curious if anyone knows the article I'm mentioning and how to prevent such an attack. I couldn't find the article back.
If the social engineering can get past 2FA, then the only options you have are
1. The registrar has offices in your country, so you can take legal action against them. Of course, this also means that your despotic government can force the registrar to ban you, etc.
2. The registrar is not in your country, so you depend on their benevolence to reverse the social engineering.
I recall a blog post where an attacker got access to the blogger's domain through a social engineering attack on the registrar, and subsequently got access to their emails.
I'm curious if anyone knows the article I'm mentioning and how to prevent such an attack. I couldn't find the article back.