IT.COM

discuss [Resolved] Domainer Loses $26k On A Stolen Domain!

Spaceship Spaceship
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Darn! Another scam and this time it is an experienced domainer James Booth.

James must have thought he was making a sound acquisition as he transferred approximately 26k to escrow for CQD.com. Instead, after completing the escrow, the domain was taken from his account by the registrar without notification and returned to the "true" owner.

Turns out the person that sold him the domain CQD.com, may not have been the true owner.

Apparently this incident involves several parties including the registrar and the escrow.


Thanks to Theo over at DomainGang for the tip on this.
 
30
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Well no - you don’t exactly get the recovery email address. You get an email address with two letters and rest blocked out *************** and you get even that only if that date for account creation is correct.

Plus this recovery email address is useful only for answering the question of What is your recovery email address? IF you have in the first place provided the correct PW for the gmail, or if you have access to that recovery email address to go through the lost password process.

Basically - gmail makes it seem like they are accepting your answers and will help you regain access but at the end of the process they almost always respond with “You’ll have to find another way to access your account” and deny you access.

One way hackers gain access to your email is after they’ve somehow obtained your PW from massive hacks of email servers done by overseas hackers who then publish or sell the passwords.
 
Last edited:
2
•••
I think too many domainers here assumes too much. Unless people are in this business for a long time, people had no idea how things work. I don't assume people automatically wants to do bad things. I also know most people don't know their domain name was stolen or accounts hacked until they can no longer access their accounts or websites.

So when did the website go down and email stopped working?

I had to explain the domain name, hosting, DNS, email configurations to clients and new-hires over and over and over for the last 25 years. I even had an uncle that transferred his restaurant domain name to his web designer because the designer claims it was standard, best practice for the web developer to "own" the domain names. I tried to stop my uncle but it doesn't even matter now because he is retired.
 
6
•••
She doesn't owe this forum anything in the way of proof
Disagree. She's throwing accusations and slander on right and left, but refuses to post any screenshot.
 
2
•••
but refuses to post any screenshot.
Aren't new accounts restricted from posting attachments? At least she wrote that she cannot post links,
what if attachments are also affected? Actually, if it the case, I'd recommend her to publish it on comquestdesigns.com website, and include here a text string like
zttp://comquestdesigns.com/something.jpg
which as this post shows is naturally not considered as a clickable link by forum software, but still can be understood as intended by all. It is my understanding that posting a link in such a text form would be beneficial for all interested parties and will be in line with at least the spirit of forum rules for new accounts (no clickable links to avoid spamming?). In any case, if my suggesstion is not good (would violate forum rules) - then mods are very welcome to delete this
 
Last edited:
1
•••
Well no - you don’t exactly get the recovery email address. You get an email address with two letters and rest blocked out *************** and you get even that only if that date for account creation is correct.

Plus this recovery email address is useful only for answering the question of What is your recovery email address? IF you have in the first place provided the correct PW for the gmail, or if you have access to that recovery email address to go through the lost password process.

Basically - gmail makes it seem like they are accepting your answers and will help you regain access but at the end of the process they almost always respond with “You’ll have to find another way to access your account” and deny you access.

One way hackers gain access to your email is after they’ve somehow obtained your PW from massive hacks of email servers done by overseas hackers who then publish or sell the passwords.

Apologies but I missed your point. What are you talking about?

I have only posted a way to get more information about who is behind the email "[email protected]". I know that google does not reveal the complete information for phone, recovery email, password hints, etc. that is not the intention here. what this shows is that this email was created by someone who used an US phone number and a backup email starting with "jj" and open the email account on September 2017, the month that I got a reply to my outreach for domain CQD.com.
 
7
•••
what this shows is that this email was created by someone who used an US phone number and a backup email starting with "jj" and open the email account on September 2017, the month that I got a reply to my outreach for domain CQD.com.

correction: the phone number shows only 9 digits so it cannot be assumed that is from US since google may be masking the phone number without matching directly the number of digits.
 
1
•••
ok fans. here is a png file sent to me on Dec 27 2017 when i just happened to log into my "netsol" account to manage some stuff. FREAKED OUT!

here's what i think, KNOWING i did not have knowledge of any of this crap.

buyer contacts fraud seller (who he knows)
fraud seller sells domain (to buyer he knows)
buyer puts money in escrow.com his "preferred" platform
sale is "made"
buyer cancels transaction (to seller he knows)
buyer and seller collude to make money.
becky jane is out one golden GD 22 yo active 3L domain name.

until the tenacity of the effin be-otch creates such a stir.
in the real world, karma will come back and bite you in the arse.
might not happen as fast as i want it too....but trust this -- it will.

here's once piece of ev. CANCELLED TRANSACTION from escrow.com
for 19k
NOT 26k
who's lying?
not me. i knew nothing! plus price point does not match up. someones EGO?

i want my domain back! everyday that goes by...is money. ching ching.

what's your take on this?
who the is CQD - JR (fake Seller)?????

NOT ME! link ME.
CAN'T do it. this is FRAUD from a GREEDY domain reseller praying on a honest person.

26k? ha! 19k sale cancelled....am i missing something here?
how did i get this? it was sent to me by a party at escrow.com when they began asking me who i am.

WTF!
listening to molly hatchett, lynard skynard, outlaws, marshall tucker, gregg aleman ETC and fixin' to go shoot my big dang gun at something in the woods! arrrghhhh.
 

Attachments

  • Escrow (1).jpg
    Escrow (1).jpg
    240.8 KB · Views: 52
Last edited:
3
•••
ok fans. here is a png file sent to me on Dec 27 2017 when i just happened to log into my "netsol" account to manage some stuff. FREAKED OUT!

here's what i think, KNOWING i did not have knowledge of any of this crap.

buyer contacts fraud seller (who he knows)
fraud seller sells domain (to buyer he knows)
buyer puts money in escrow.com his "preferred" platform
sale is "made"
buyer cancels transaction (to seller he knows)
buyer and seller collude to make money..

Glad you posted this. The escrow sale email is normal but with transaction number and buyer crossed out, who did that?
 
2
•••
ok fans. here is a png file sent to me on Dec 27 2017 when i just happened to log into my "netsol" account to manage some stuff. FREAKED OUT!

here's what i think, KNOWING i did not have knowledge of any of this crap.

buyer contacts fraud seller (who he knows)
fraud seller sells domain (to buyer he knows)
buyer puts money in escrow.com his "preferred" platform
sale is "made"
buyer cancels transaction (to seller he knows)
buyer and seller collude to make money.
becky jane is out one golden GD 22 yo active 3L domain name.

until the tenacity of the effin be-otch creates such a stir.
in the real world, karma will come back and bite you in the arse.
might not happen as fast as i want it too....but trust this -- it will.

here's once piece of ev. CANCELLED TRANSACTION from escrow.com
for 19k
NOT 26k
who's lying?
not me. i knew nothing! plus price point does not match up. someones EGO?

i want my domain back! everyday that goes by...is money. ching ching.

what's your take on this?
who the is CQD - JR (fake Seller)?????

NOT ME! link ME.
CAN'T do it. this is FRAUD from a GREEDY domain reseller praying on a honest person.

26k? ha! 19k sale cancelled....am i missing something here?
how did i get this? it was sent to me by a party at escrow.com when they began asking me who i am.

WTF!
listening to molly hatchett, lynard skynard, outlaws, marshall tucker, gregg aleman ETC and fixin' to go shoot my big dang gun at something in the woods! arrrghhhh.

I wonder who EC Services mentioned in the transaction are? I have never seen that name appear on any of my Escrow.com transactions.
 
1
•••
I wonder who EC Services mentioned in the transaction are? I have never seen that name appear on any of my Escrow.com transactions.
I can almost guarantee you it stands for Concierge Services. Relatively new (term-wise, anyway).

*Disclaimer: I now see where that shows up, which is odd (as if it's an entity separate from Escrow.com) but anyway that's still my best guess. :xf.wink:
 
Last edited:
2
•••
Let's just be clear. That is NOT my transaction in October.
 
4
•••
26k? ha! 19k sale cancelled....am i missing something here?
Yes, you've been missing the comments. That 19k cancelled sale is possibly associated with another person, Mike Han.
 
2
•••
Let's just be clear. That is NOT my transaction in October.

If this is true, then Escrow.com had no way to detect the same domain name being sold simutainously? even within the same system?
 
1
•••
@spoiltrider try to come down, please don’t assume everyone had bad intentions from the start.

At this point, the best course of action is gather as much information as possible. Change and use unique passwords for each site, use MGA whenever possible. The situation may be more sophasticated then we all assuming.

There might be insiders at Network Solutions that compromised the security, there may be systematic issues at Escrow.com that being exploited by fraudsters, James Booth might be the second or even third buyer for the domain name.
 
3
•••
here is a png file sent to me on Dec 27 2017
It is an interesting date. Something new for the whole story. What _exactly_ was wrong when you logged in to Netsol on Dec 27th? The cqd.com domain was not there?
 
2
•••
ok fans. here is a png file sent to me on Dec 27 2017 when i just happened to log into my "netsol" account to manage some stuff. FREAKED OUT!

here's what i think, KNOWING i did not have knowledge of any of this crap.

buyer contacts fraud seller (who he knows)
fraud seller sells domain (to buyer he knows)
buyer puts money in escrow.com his "preferred" platform
sale is "made"
buyer cancels transaction (to seller he knows)
buyer and seller collude to make money.
becky jane is out one golden GD 22 yo active 3L domain name.

until the tenacity of the effin be-otch creates such a stir.
in the real world, karma will come back and bite you in the arse.
might not happen as fast as i want it too....but trust this -- it will.

here's once piece of ev. CANCELLED TRANSACTION from escrow.com
for 19k
NOT 26k
who's lying?
not me. i knew nothing! plus price point does not match up. someones EGO?

i want my domain back! everyday that goes by...is money. ching ching.

what's your take on this?
who the is CQD - JR (fake Seller)?????

NOT ME! link ME.
CAN'T do it. this is FRAUD from a GREEDY domain reseller praying on a honest person.

26k? ha! 19k sale cancelled....am i missing something here?
how did i get this? it was sent to me by a party at escrow.com when they began asking me who i am.

WTF!
listening to molly hatchett, lynard skynard, outlaws, marshall tucker, gregg aleman ETC and fixin' to go shoot my big dang gun at something in the woods! arrrghhhh.
Thank you!!
 
1
•••
There might be insiders at Network Solutions that compromised the security

The whole operation is compromised!

there may be systematic issues at Escrow.com

Ya think?, they transacted the sale of the same stolen domain, not once, but twice! First to Mike Han, then to James Booth, but at least Mr. Han got his 19K back, minus the Escrow fees, which is absurd in itself, paying fees to have people try and steal money from you! James has the domain minus 26K and Rebecca has nothing! No domain and no 26K, and that is just not right!

Unfortunately, I'm still not sure if Rebecca @spoiltrider even realizes this was actually two fraudulent sales instead of just one. The first to Mr. Han for 19K which is the Escrow.com screenshot she posted that she wasn't a party to, but was sent by Escrow.com when they realized they transacted 2 fraudulent transactions for the same domain! The second was the Booth transaction for 25K plus fees (26K) that she probably doesn't have any record of whatsoever. All of Rebeccas accounts, emails, phone numbers were changed by the thief using info from the Yahoo email hack. The thief rerouted and answered emails, phone calls etc. to trick Mr. Booth into believing his due diligence was complete, which it wasn't, obviously. I'm speculating that James never called Rebeccas cell number from her real estate website, which truly, is the only number the thief hadn't been able to change, and even if Mr. Booth had called the cell number, he never was able to speak to her on that cell number, I assume. James claims he spoke to someone on the phone, which he probably did, but it wasn't Rebecca, it was someone pretending to be her, and was probably the number from the changed whois info that he dialed. Domain thieves rarely change DNS records, as that is what would tip someone off that something wasn't right, when the rightful owner stops receiving email or the website doesn't resolve.

The thief was thorough in his changing of most of Rebeccas accounts to his control using address and names similar to Rebeccas so most people wouldn't notice the changes and so he could manage these fraudulent transactions. The thief went so far as to make fake ID's to submit to Escrow.com, probably using Rebeccas online real estate photo.

So what now? If James won't relinquish the stolen domain, which he probably won't as it's his only bargaining chip, Rebecca has to decide if she wants to work with James and perhaps come to a brokerage agreement where as James could sell the domain and get his 25K back and Rebecca could receive the rest of the profits. Or she could go all in, "Hell hath no fury" style and like any good litigant sue everyone involved in the transaction, Web.com, Escrow.com, Mike Han and James Booth in the hopes of getting her property back and salvaging any profitability once all her legal bills are satisfied.

I truly feel bad for Rebecca and hope she gets her name back, with as little litigation and cost as possible!
 
3
•••
The whole operation is compromised!



Ya think?, they transacted the sale of the same stolen domain, not once, but twice! First to Mike Han, then to James Booth, but at least Mr. Han got his 19K back, minus the Escrow fees, which is absurd in itself, paying fees to have people try and steal money from you! James has the domain minus 26K and Rebecca has nothing! No domain and no 26K, and that is just not right!

Unfortunately, I'm still not sure if Rebecca @spoiltrider even realizes this was actually two fraudulent sales instead of just one. The first to Mr. Han for 19K which is the Escrow.com screenshot she posted that she wasn't a party to, but was sent by Escrow.com when they realized they transacted 2 fraudulent transactions for the same domain! The second was the Booth transaction for 25K plus fees (26K) that she probably doesn't have any record of whatsoever. All of Rebeccas accounts, emails, phone numbers were changed by the thief using info from the Yahoo email hack. The thief rerouted and answered emails, phone calls etc. to trick Mr. Booth into believing his due diligence was complete, which it wasn't, obviously. I'm speculating that James never called Rebeccas cell number from her real estate website, which truly, is the only number the thief hadn't been able to change, and even if Mr. Booth had called the cell number, he never was able to speak to her on that cell number, I assume. James claims he spoke to someone on the phone, which he probably did, but it wasn't Rebecca, it was someone pretending to be her, and was probably the number from the changed whois info that he dialed. Domain thieves rarely change DNS records, as that is what would tip someone off that something wasn't right, when the rightful owner stops receiving email or the website doesn't resolve.

The thief was thorough in his changing of most of Rebeccas accounts to his control using address and names similar to Rebeccas so most people wouldn't notice the changes and so he could manage these fraudulent transactions. The thief went so far as to make fake ID's to submit to Escrow.com, probably using Rebeccas online real estate photo.

So what now? If James won't relinquish the stolen domain, which he probably won't as it's his only bargaining chip, Rebecca has to decide if she wants to work with James and perhaps come to a brokerage agreement where as James could sell the domain and get his 25K back and Rebecca could receive the rest of the profits. Or she could go all in, "Hell hath no fury" style and like any good litigant sue everyone involved in the transaction, Web.com, Escrow.com, Mike Han and James Booth in the hopes of getting her property back and salvaging any profitability once all her legal bills are satisfied.

I truly feel bad for Rebecca and hope she gets her name back, with as little litigation and cost as possible!
Along those same lines, James could pledge to compensate her something when and if he sells the domain down the road.
 
Last edited:
0
•••
James could pledge to compensate her something when and if he sells the domain
Too late imho.... In light of:
i want any buyer to run away from my domain CQD.com for the issues that now plaque it and will continue to plaque it. i want my domain to be fled from, as if it has leprosy!
With the story posted everywhere including ripoffreport, who will buy it now... from James, or from Rebecca directly
 
3
•••
James claims he spoke to someone on the phone, which he probably did, but it wasn't Rebecca, it was someone pretending to be her, and was probably the number from the changed whois info that he dialed.
Not entirely the case:

@spoiltrider wrote:

"james did call me once and left a message. it was 2AM,my phone goes to DND and at that point i was so mad i thought it best not to say anything. legal lock had been placed on my domain once it came back to me when i reported to network solutions i did not authorize the sale. that was the only contact ever attempted to me. and the vm did come through. but none prior, and none since."
 
Last edited:
1
•••
So, whats next? Since there are so many black holes in the whole story, it appears that going "legal way" may be the only reasonable thing to do. In fact, for either party...

Forum discussions are interesting, but they can not return the domain name OR determine that it should not be returned. In fact, with all the unanswered questions, the whole story currently looks like "Alice in Wonderland" well described by Lewis Carroll:

(quote begin)

"There’s more evidence to come yet, please your Majesty," said the White Rabbit, jumping up in a great hurry; "this paper has just been picked up.’

"What’s in it?" said the Queen.

"I haven’t opened it yet," said the White Rabbit, "but it seems to be a letter, written by the prisoner to–to somebody."

"It must have been that," said the King, "unless it was written to nobody, which isn’t usual, you know."

"Who is it directed to?" said one of the jurymen.

"It isn’t directed at all," said the White Rabbit; "in fact, there’s nothing written on the OUTSIDE." He unfolded the paper as he spoke, and added "It isn’t a letter, after all: it’s a set of verses."

"Are they in the prisoner’s handwriting?" asked another of they jurymen.

"No, they’re not," said the White Rabbit, "and that’s the queerest thing about it." (The jury all looked puzzled.)

"He must have imitated somebody else’s hand," said the King. (The jury all brightened up again.)

"Please your Majesty," said the Knave, "I didn’t write it, and they can’t prove I did: there’s no name signed at the end."

"If you didn’t sign it," said the King, "that only makes the matter worse. You MUST have meant some mischief, or else you’d have signed your name like an honest man."

There was a general clapping of hands at this: it was the first really clever thing the King had said that day.

"That PROVES his guilt," said the Queen.

(quote end)
 
2
•••
i am not looking for compensation, i just want my domain back.
no amount of money will ever compensate me for it. it's priceless to me.
cqd.com has been registered in bad faith and with knowledge of my complaints (and rights.)
 
1
•••
Disagree. She's throwing accusations and slander on right and left, but refuses to post any screenshot.
slander is telling lies.
i am not lying.
 
1
•••
here is a fake email for you to disect too.
it uses my real estate pic. note the header
Default <[email protected]>
WRONG!
that is NOT what my emails look like from cqd.com and my yahoo account is a catch basin for junk mail. i don't use the yahoo account for any cqd business, i brand myself. my cqd.com email has a specific signature too and i have years and years of proof of that.. i use yahoo when i sign up for the DIY dream home giveaways and stupid stuff like that.
i type everything in my emails in lower case....unless IM SCREAMING! or it's a formal proposal submission, and that i don't do in email format. those are printed documents with blue ink signatures.
who are these people? what kind of idiot, knowing about cybersquatters and hijaackers would spend that kind of money on a domain without proper authentication? it beats all i have ever seen. thats just bad business decsion making processing. i am not a domainer. i just own a 3L domain that somebody wants to sell to make a profit. meanwhile, back at the ranch....my presence on the web is dead. but anyway, have fun with this.....and who is Mr. Han? i am trying to take the time to read this whole forum. how do i print it all out so i can put it in a binder and read the book? how did i get the screen shots of the attached emails? escrow.com sent them to me before the shit hit the fan. I DID NOT WRITE THEM!!!

who is jack?
who is jake?
who the hell is pretending to be me? I hope God strikes them down with a bolt of lightening!
 

Attachments

  • FAKE email A 2017-12-27 at 11.43.12 AM 2.png
    FAKE email A 2017-12-27 at 11.43.12 AM 2.png
    74.2 KB · Views: 62
  • FAKE email B 2017-12-27 at 11.43.29 AM.png
    FAKE email B 2017-12-27 at 11.43.29 AM.png
    72.1 KB · Views: 68
Last edited:
2
•••
Mr. Han bought your domain from the hacker for 19K but cancelled the sale a few days later when he realized something wasn't right. Luckily the 19K had not been released yet by Escrow.com so he was able to get that money back. I think that is the invoice that you have posted here, that you mistakenly think was from James Booth. Your domain was sold twice, once to Mr. Han for 19K and once to James Booth for 25K. How do you not yet know this? Where does this case stand from your perspective? What steps have you taken to get your domain back? @spoiltrider
 
2
•••
Back