NameSilo
James Iles

CV.com Is Returned to Its Rightful Owner

Views:
1,883
Comments:
17
By James Iles, Apr 25, 2018
  1. James Iles

    James Iles NamePros Writer PRO Gold Account VIP Trusted Blogger

    Posts:
    1,389
    Likes Received:
    11,454
    With just 676 domains in existence, two-letter .COM names are some of the most sought-after properties on the Internet. Thanks largely to interest from Chinese investors, these names now routinely fetch six and seven-figure prices. Two-letter names are liquid domains that can easily be resold within a matter of days thanks to the number of investors around the World who covet these as assets. It’s this liquidity that can make these a target for domain thieves.

    Last week, we noticed that the domain CV.com had moved from Network Solutions to GoDaddy and started to display a new website. Typically, this would signify that the domain had sold, but not in this case. It turns out that the domain had been given back to its rightful owner after an investigation by Web.com, owners of registrar Network Solutions.
    cv.jpg

    This news came to light after speaking with Amanda Waltz, executive director at Brandit, a brokerage company that marketed the domain for a brief period last year before the theft came to light. According to Amanda, the domain was originally owned by a French company, who sold this valuable name a couple of years ago to a husband and wife, who happen to have a Chinese surname.

    The thief created an email address that was of Chinese surname decent and transposed two letters. For example, a “@Chiang.com” email address would have been changed to a “@Chaing.com” address, which helped to transfer control of the domain with little detection. According to Amanda, it’s also likely that the thief hacked into the couple’s registrar account for a brief period of time, with the domain transferred to the thief’s possession using that very similar email address.

    The two-letter domain transferred into the possession of the thief in October 2017, with just the email address subtly changed. This made it extremely difficult for registrars and brokers performing due diligence to spot any problems with the domain.

    According to DomainIQ's WHOIS history tool, the name moved into the possession of Web.com's legal team in January 2018 following work from Amanda to confront the imposter.

    Following an investigation, the domain was given back to the original owners and has now been moved under privacy protection to GoDaddy.

    Securing assets such as CV.com against theft should be a high priority for owners. Many registrars and email services encourage users to introduce two-factor authentication and other security measures to protect their accounts. NamePros own @Paul Buonopane produced an article about domain theft that provides further reading on this matter.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Next Article
    Top Topics: Why I Registered 20,000 Domains; My Sales In March 2018...
    Previous Article
    JL.com Sells to China
  3. Loading...
  4. James Iles

    About The Author — James Iles

    Writer for NamePros.com. For all inquiries relating to stories and interviews, please email: [email protected]

    This is James Iles's 531st blog post on NamePros. View all blog posts

    Home Page:
    http://twitter.com/jamesiles
    Actions:
    Follow
  5. Comments (17)

  6. Silentptnr

    Silentptnr Hey From L.A. VIP

    Posts:
    11,418
    Likes Received:
    27,927
    People really need to use two factor authentication. When will people realize?
     
  7. IMEZI

    IMEZI Top Member VIP ★★★★★★★★★★

    Posts:
    4,688
    Likes Received:
    1,178
    sometimes they were comfortable within their safety zone for decade before stumbled into security problem and then suddenly they just realized....
     
  8. deez007

    deez007 The More I Learn The Less I "Know" VIP

    Posts:
    7,761
    Likes Received:
    13,836
    Wow man, glad to hear that they were able to get the domain back.

    Must have been torture for them almost losing a beauty like this.
     
  9. MapleDots

    MapleDots Domain Properties 2010 - 2018 VIP

    Posts:
    3,704
    Likes Received:
    7,197
    I'm seeing a number of domains returned to their rightful owner.

    There should be a much simpler process to have a procedure in place that gets the domains back to their rightful owners faster.

    Nonetheless it's always good news when property gets returned to the rightful owner.
     
  10. DomainRecap

    DomainRecap Established Member

    Posts:
    649
    Likes Received:
    636
    People need to realize there is no "hacking" going on here, there is no guy in a hoodie sitting a dark room on a laptop, just a scammer calling up your Registrar or Internet provider (or whoever holds the email attached to the domain), pretending to be the owner (using freely available WHOIS address and phone data) to get the account reset, then take over the emails attached to it. Then it's simple to transfer the domain without anyone being the wiser.

    If there is 2-step authentication, then the scammers call your cell phone company and using WHOIS data, try to get your phone number ported to a new phone/sim. Bingo, they are in your account.

    This is called social engineering and it relies on the stupidity of the other person on the line at your Internet provider, Registar, Bank, Cell Phone Company and wherever else you do business. And trust me, these CSRs are not related to Einstein.

    I spoke to some guys I know in RCMP and they said there is a HUGE wave of social engineering blocks in Africa (i.e. there are entire neighborhoods in Marakesh doing this) that are mass calling and trying to get bank, registar, email and cell phone access using WHOIS and other publicly available data sources. Apparently the losses are staggering.

    Until I got rid of my .US and .CO.UK domains that do not allow WHOIS privacy, I would regularly get email and phone security alerts that someone was calling in and trying to change my account, and the last few times it was traced back to Morocco and Nigeria. One time they almost got me, as some moron at Bell changed my email password for them (not attached to any Registar account, thank God), but I quickly changed it back.

    Since I deleted those offending domains, I have not had a single problem, so it's pretty obvious WHOIS is being mined for nefarious purposes like identity theft, bank account access, and domain theft, among others.
     
  11. DomainRecap

    DomainRecap Established Member

    Posts:
    649
    Likes Received:
    636
    It doesn't matter, as the scammers just call your cell phone company and get your number ported.
     
  12. Silentptnr

    Silentptnr Hey From L.A. VIP

    Posts:
    11,418
    Likes Received:
    27,927
    This is why I have suggested and really like, secret questions. Cant be ported, cant be impersonated.

    I know of only one registrar that has two factor and secret questions combined.
     
  13. DomainRecap

    DomainRecap Established Member

    Posts:
    649
    Likes Received:
    636
    Exactly, and I have lobbied my service providers for SECRET CODES and some of them have provided this. No way to break that puppy unless you kidnap me.

    I don't trust questions that have anything to do with your past or preferences or have a set number of choices, as they can be social engineered or brute force broken - like my bank, it uses "Favorite Color" from a drop-down list - WTF?
     
  14. Candace

    Candace Broker at Starfire Holdings Starfire Holdings PRO Blue Account VIP

    Posts:
    735
    Likes Received:
    1,116
    I definitely agree with the two factor verification.

    However, do we see the common denominator here? Many/most of the domains that were stolen (recently) were stolen from Netsol. Get your valuable domains out right away people.

    I always wonder why people leave their valuable domains at Netsol; but then again many don't know better.
     
  15. MapleDots

    MapleDots Domain Properties 2010 - 2018 VIP

    Posts:
    3,704
    Likes Received:
    7,197
    Netsol is like a plague that needs to be exterminated.
     
  16. elevator

    elevator DnCombo.com VIP

    Posts:
    1,647
    Likes Received:
    1,190
    That's a great asset. recovered by the owner! That's a great and wonderful job. But how would the owner felt when such asset was stolen?
     
  17. Michael Ehrhardt

    Michael Ehrhardt Active Member VIP

    Posts:
    5,021
    Likes Received:
    3,271
    THANK YOU but

    With just 676 domains in existence, two-letter .COM names ....

    What is wrong on this ❓

    There are much more

    ā is a regular Latin letter
    I bet this is not in your measurement

    Sorry to tell you... 🤓
     
  18. James Iles

    James Iles NamePros Writer PRO Gold Account VIP Trusted Blogger

    Posts:
    1,389
    Likes Received:
    11,454
    You know that “ā” is an IDN transposed to XN—YDA and therefore couldn’t be classed as a single letter for domain purposes.

    That’s why you were able to register a certain “single letter” .com.
     
  19. davidthornton

    davidthornton Established Member

    Posts:
    90
    Likes Received:
    66
    The *.uk registry has no issue with privacy and many *.uk registrars have provided traditional WHOIS privacy service to their domain name registrants for many years. The registry has also had an optional registry privacy framework that registrars could have chosen to use but due to the forthcoming GDPR changes, that service is being terminated and a proxy service will be made available following a further consultation in June 2018.
     
  20. DomainRecap

    DomainRecap Established Member

    Posts:
    649
    Likes Received:
    636
    I could not get CO.UK privacy to work with UniRegistry - I would click the Privacy bar and it would not stick.
     
  21. ben pedri

    ben pedri Active Member VIP

    Posts:
    2,398
    Likes Received:
    1,288
    I would like to know if I bought a domain at afternic ,or godaddy or sedo and spent 50k ,are the companies liable to make sure the domain is not stolen,after all a 50k transaction is 10k for them ,so whats the verdict
     
  22. davidthornton

    davidthornton Established Member

    Posts:
    90
    Likes Received:
    66
    Uniregistrar d/b/a Uniregistry appears to have issues supporting certain aspects of *.uk. I’ve experienced a different issue with them and have given up trying to explain it to them via support tickets. I understand why they have the issue but they weren’t able to comprehend my explanation relating to orphaned contact objects at the registry being deleted by the registry so I’ve given up.
     
Lysted
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...