Incredible security holes at GoDaddy

Method 1:
Open this page and spend a minute to check what you see:

https://supportcenter.godaddy.com/DomainServices/ChangeRequestPage.aspx?prog_id=GoDaddy

What you see is a form to change your account email or to push your domain from your account to another. All they ask for is a screenshot of a Photoshop file where the scammer has typed your name on one of these documents:

  • State issued driver's license
  • State issued photo identification card
  • Passport
  • Military photo identification

Yes, you read it correctly. A scammer can take any image file of any photo ID, open it in Photoshop and type your name. Then save the image file and upload it using that form. GoDaddy will change your account email to any email address the scammer submits in the form. On that page there is a button that says "choose file". The scammer would click this button to upload a fake image file.

You might think that's not possible. Think again. In late 2009, a 3-letter domain, PDN dot com, was stolen with this method. You can check it here.


Method 2:
Besides the method you see above, there is another method which involves forwarding your whois or account email address to the scammer's mail address. The scammer simply asks your domain registrar to set up email forwarding. You might think the support staff wouldn't do it. Think again.

Check out how sweet.com and direction.com were stolen:
http://preventdomaintheft.com/2008/03/08/social-engineering-is-the-easiest-way-to-steal-domains/
This article was written by the original owner of direction.com who had this domain stolen but recovered it later.
Hello Dear,

Thanks for nice services and support,

I’m tried many time to set mail forwarding for my email account, but page will not load after click on Submit button for set mail forwarding!!!

domain: SWEET.com

Tried to set: [email protected] forward to [email protected] So, Please check it and try to set this mail forwarding….and send me note when you have done it.

[the name of the administrator of sweet.com]

Thanks Again

Method 3:
The scammer will just email GoDaddy directly from his own email address and ask them to change your account email to his. Surprisingly, GoDaddy will do this if they get any of the following:

your four-digit Shopper PIN or,
your 4 digit Paypal Billing ID or,
the last 6 digits of the credit card on file

Especially if you have used your credit card on any website where you bought a domain-related service. For instance, if you bought domains at another registrar, or if you bought domainer software at another site, they would know that you are a domainer and they would know the last 6 numbers of your credit card. This is the only information needed:

http://www.WarriorForum/main-internet-marketing-discussion-forum/32077-godaddy-security-hole.html
Here is an excerpt of the email I got from them
"If you are unable to log in and would like us to modify the e-mail address on file for an account, we will first need to verify the account. To verify the account, please reply to this message with your four-digit Shopper PIN, 4 digit Paypal Billing ID, or the last 6 digits of the credit card on file, as well as the new e-mail address that you would like to be on file for your Go Daddy account. The change will be made promptly upon verification of information and your reply and you will receive an email confirming that the change is complete.
 
The views expressed on this page by users and staff are their own, not those of NamePros.
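
Added example, not part of the original post and not GoDaddy's actual process: a registrar-side gate for sensitive account changes that refuses the kinds of evidence named in the three methods above. The policy, the class and function names, the evidence labels and the sample requests are all assumptions constructed for illustration.

```python
"""Registrar-side gate for sensitive account changes (hypothetical policy)."""
from dataclasses import dataclass

# Evidence the post says was accepted; each can be forged or learned by a third party.
WEAK = {
    "photo_id_image": "an uploaded image of an ID can be edited",
    "shopper_pin_4": "4 digits, only 10,000 possibilities",
    "paypal_billing_id_4": "4 digits, only 10,000 possibilities",
    "card_last6": "not secret, every merchant that processed the card has it",
}
# Evidence that proves control of the existing account (assumed labels).
STRONG = {"authenticated_session_2fa", "confirmed_via_current_email"}
SENSITIVE = {"change_account_email", "push_domain", "set_mail_forwarding"}

@dataclass(frozen=True)
class ChangeRequest:
    action: str
    channel: str          # "account_panel", "web_form", "email" or "support_ticket"
    evidence: frozenset

def evaluate(req):
    """Return (decision, reasons); decision is 'allow', 'hold' or 'deny'."""
    if req.action not in SENSITIVE:
        return "allow", []
    reasons = [f"{e}: {WEAK[e]}" for e in sorted(req.evidence) if e in WEAK]
    if req.channel != "account_panel":
        reasons.append(f"{req.action} requested via {req.channel}, "
                       "outside the authenticated account panel")
    if not (req.evidence & STRONG) or req.channel != "account_panel":
        return "deny", reasons
    # Even a well-authenticated change is announced to the old address and
    # delayed, so the real owner has a chance to cancel it.
    return "hold", ["notify current email and apply after a cooling-off period"]

# Constructed requests modelled on the three methods described in the post.
METHOD_1 = ChangeRequest("change_account_email", "web_form",
                         frozenset({"photo_id_image"}))
METHOD_2 = ChangeRequest("set_mail_forwarding", "support_ticket", frozenset())
METHOD_3 = ChangeRequest("change_account_email", "email",
                         frozenset({"card_last6"}))
OWNER = ChangeRequest("change_account_email", "account_panel",
                      frozenset({"authenticated_session_2fa",
                                 "confirmed_via_current_email"}))

if __name__ == "__main__":
    for name, req in [("method 1", METHOD_1), ("method 2", METHOD_2),
                      ("method 3", METHOD_3), ("owner", OWNER)]:
        print(name, *evaluate(req))
```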