By hijacking domains with CNAME records and exploiting forgotten SPF records, attackers seize domains and use them for their own purposes.