IT.COM

warning I lose $42,000 on an escrow.com transaction as pdd.com, help please.

Spaceship Spaceship
Watch

American

Established Member
Impact
44
Hi,
I bought pdd.com via escrow.com and the seller took the domain back on networksolutions.com after he received the money $42,000 US dollar.

for detailed information, please view http://www.drjw.com/

Any suggestions about what I can do is welcome, thank you!

If you know a lawyer who is an expert in online domain name disputes, please tell me his/her contact information, thank you very much!
 
17
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
0
•••
Hmmmmmm

Where is op??

American
American
American
American

By George I think he's left us :meh:
yes,I'm here,we have jet lag.
sorry,i can't give you back at here every minutes.
 
0
•••
Could be. But unless @American tells them and us why friends' names / accounts were used for the deal, nothing will work out. It's not too complicated to get an Escrow account or Netsol account thesedays.
My friend "ye tian" also buy and sell domains,when i got this domain information,we discussion about it,i don't like pdd.com,but "ye tian" want buy it.
because I'm already bought 3620.com form the seller at sedo.com.it's used my own id 365433387@(double Q).com,i don't know he was liar at that time.
so "ye tian" let me talk to him and make that deal.
That's why i use my email talk to him but used another escrow.com id 964000@(double Q).com to deal with pdd.com.because when the domain price was confirmed,It's need him to paid for this,not me.
he doesn't have an account at networksolutions.com,so used my account to get the pdd.com,my id at networksolutions.com also was a new account,this account register after i won sedo.com auction for 3620.com,the pdd.com through [email protected] to arrived my account,this account just used to be transfer 3620.com to me,this information can find at my website about 3620.com at sedo.com transactions.sedo tell me the seller can't give me a transfer code.so they push this domain at networksolutions.com.so i can't transfer this domain to my registry.
 
Last edited:
3
•••
After reading through the details the OP posted at drjw.com -- just wondering if Patrick is ok from his "car accident" </end sarcasm>, and also wondering why he signs his emails as "Stas K." (what does that mean?) Is it a slip up and part of his signature in email app?
I have no idea about that change,I’m already found this change,but i don't know why.
 
1
•••
In other words, you were dishonest and lied to Escrow.com about who you are, and you expect... what?
I don't lie to escrow.com,i never sent even one email to escrow.com.
there contact escrow all was my friend ye tian used his 964000@(double Q).com.
 
1
•••
My friend "ye tian" also buy and sell domains,when i got this domain information,we discussion about it,i don't like pdd.com,but "ye tian" want buy it.
because I'm already bought 3620.com form the seller at sedo.com.it's used my own id 365433387@(double Q).com,i don't know he was liar at that time.
so "ye tian" let me talk to him and make that deal.
That's why i use my email talk to him but used another escrow.com id 964000@(double Q).com to deal with pdd.com.because when the domain price was confirmed,It's need him to paid for this,not me.
he doesn't have an account at networksolutions.com,so used my account to get the pdd.com,my id at networksolutions.com also was a new account,this account register after i won sedo.com auction for 3620.com,the pdd.com through [email protected] to arrived my account,this account just used to be transfer 3620.com to me,this information can find at my website about 3620.com at sedo.com transactions.sedo tell me the seller can't give me a transfer code.so they push this domain at networksolutions.com.so i can't transfer this domain to my registry.
Sorry,there have a mistake,the domain through [email protected] to my networksolutions.com account,was 3620.com not pdd.com.
 
0
•••
It hits me, Sedo does have information on the thief too. Contact Sedo about the thief and transfer problems because from same user at Sedo? Sedo has parking verification, ids verification for sales too. Maybe they can help?
 
1
•••
I'm also want give you a big laugh,that you used google to search a not famous Chinese,i advice you search Jack ma,he build alibaba.com,you can get anything you want,I am just an ordinary person, not famous.
@American , my friend. I was not searching for you. I was trying to see which gender pops up for the names as shared by you - " you can find the domain under my name "yue er" or "lou zhiyong"."
Results were pretty confusing as you can see. But that's something that can be explained only by you.

@tech4 Yes. SEDO does that. But they won't divulge anything unless they see the Law enforcement agency up their offices.
 
0
•••
Get Rick to put on Hall of Shame and get an article on DNJ or other and Escrow.com will then help you.
 
0
•••
Get Rick to put on Hall of Shame and get an article on DNJ or other and Escrow.com will then help you.

No, Escrow.com is not going to release confidential data simply because Rick pitches one of his tantrums.
 
2
•••
----------
On Wed, Jan 4, 2017 7:26:40 PM, [email protected] wrote:
Hi XXX,

Thanks for getting back to us.

The wire transfer receipt is false as the funds never reached our account (it was this receipt that caused us to prematurely and incorrectly mark the transaction as paid).

Regards,

Nicholas Hairs
Security Engineer
Escrow.com

For those playing along at home:

I am playing, ;) please continue

A buyer in an Escrow.com sent Escrow.com a fake wire transfer document, which Escrow.com then relied upon in order to issue a payment confirmation - instead of checking their own bank account to see if they had received the payment.

What was particularly inept about this "Security Engineer" email, was that

Mr. Hairs just went the extra mile of stating that Escrow.com did not check its own bank account to see if they had received the money, before issuing a confirmation that they had received the money.

That's interesting.

you want to have confidence that operatives are following the basic SOP's with money transfers.

imo...
 
0
•••
you want to have confidence that operatives are following the basic SOP's with money transfers.

As was stated above, you have to look at the big picture. I'm aware of a handful of craptastic failures by Escrow.com. They do zillions of transactions per nanosecond or whatever, so it's the same deal as going to Chipotle - thousands of people had a fine meal there last year, and only a couple of them died of food poisoning.

Dove soap made a fortune on the slogan "99 and 44/100 percent pure". My takeaway from that is Dove soap might be 56/100 percent toxic radioactive waste, but it does the job.
 
5
•••
I'm very surprised that escrow.com has confirmed receipt of funds that they haven't really received.

As to the ops problem....In my opinion, escrow has a single function and it does not include checking buyer or seller.

However, I can see where they absolutely should verify both the funds being used and the domain being sold through it's platform.

I think the op is well aware that unless there is legal action or a miracle, there is absolutely no chance of recovering this funds or the domain.

I would suggest that the op also focus on unlocking his NS account and recovering 3620.

Too much money to not thoroughly check out what he was buying.
 
1
•••
I would suggest that the op also focus on unlocking his NS account and recovering 3620.

If 3620.com was sold to OP [ @American ] by same person [Patrick Sitrok] who sold OP alleged stolen PDD, what is to say that 3620 wasn't stolen as well, and if so, there may be another John Doe* victim at hand.

*John Doe could be Eric Vivien, or whomever legitimately owned the domain after him.
 
Last edited:
1
•••
If the Seller gets lucky, and 3620 is legit. Who knows Patrick may be a real person? But the problem is NS will probably wash their hands, even if it is legit. The seller in this case will need lawyers and lawsuit against NS. To find out if PDD was in it with Patrick or if NS wants to wash their hands. Even if it is stolen, NS should notify each party.

So let's say seller buys a car, stolen, police will notify that the car is stolen, belongs to x, and x has filed a report as of date xzy. In the case of NS they don't even say anything which we don't even know if PDD was in it together with Patrick. Or that NS did something stupid, they just locked the Seller's account, there was no filing that PDD was stolen, Patrick reported to NS that it is stolen, but the situation got bigger, so Patrick left the scene, NS just reverted back to the former owner.

There's a bunch possibilities that NS screw up, the thief Patrick screw up, he may be thinking that he would resell it again, instead NS covered their own track by not saying anything. And there's a possibility that PDD is in it with Patrick, or PDD sold it to Patrick a few years ago for cheap x,xxx and PDD wants it back, and Patrick is a con man and decides that its time to give back.

We don't know what the situation is, or the seller for some really stupid reason is the hacker? Which makes no SENSE.

------------------
I think the Seller should contact NS ask why his account was frozen, and who filed a complaint against him and when was that filed. IF someone filed a complaint against my account I have the rights to know.

In the case NS/Web is irresponsible in not saying anything. When doing business, one should be transparent and fair, and have some integrity. I don't think I will do business with Network Solution or Web in the future. Should you be able to know who filed a complaint against you and for what reasons? Without going through the lawyers?

NS/Web is not transparent in this case, and lack of integrity. And a few other companies if it comes to this. I am also wondering what the OP seller is doing in this situation?
 
Last edited:
0
•••
I noticed something using the Chinese Whois, on 12/5 Friday the whois is the seller, on 12/6 a Saturday it goes back to old whois PDD. But on a Sunday it goes to privacy to abuse@web, and its on and off. Before those dates it does have a pattern of going privacy and off too.

Question is, if it goes back to PDD (assuming company is legit and still operating) why is it going back to privacy and back to PDD on a Saturday and Sunday? (maybe thief is still holding to it via "legit PDD" an insider?) This is just a question, is PDD still operating or is this done by some technician who has accessed to PDD and wants it want privacy and then changing back and forth, I think there maybe 2 thiefs, unsure of what they are doing???

Is it in PDD hands right now or is it the thief still holding on to it???? Just my assumption because I see the pattern of going to privacy even after it is restored to mkittrel@pdd. So if the thief is holding it, there's no way to know, unless someone contact PDD. This looks very suspicious!

------------
My assumptions.
1) There are more than 1 thief, unsure of what they are doing
2) They operate on Saturday and Sunday, which PDD may no longer be in service
3) Very suspicious that they go back and forth to privacy even before the sale and after the sale. Meaning they are somehow connected to PDD or PDD has sold it off or left it gave it away for cheap to someone inside.

Then the NS/ We need to know who filed the complaint, the reason. and date of file.
This will be clearer and closer if there is information. American can you get NS Web to tell you why they closed your account, and who filed the complaint, and what complaint, and when that was filed? You have the rights to know who filed a complaint against your account in what manners.
 
Last edited:
1
•••
Last edited:
0
•••
0
•••

Weird...

(posts go back to 2014)

**notice hotmail email**
upload_2018-1-11_18-6-7.png


According to archive records of PDD.com, they used/linked the following social media:

https://www.facebook.com/pages/PDDInc/ [page not found]
https://twitter.com/PDDInc
https://www.linkedin.com/company/535912/
 
Last edited:
0
•••
If the Seller gets lucky, and 3620 is legit. Who knows Patrick may be a real person? But the problem is NS will probably wash their hands, even if it is legit. The seller in this case will need lawyers and lawsuit against NS. To find out if PDD was in it with Patrick or if NS wants to wash their hands. Even if it is stolen, NS should notify each party.

So let's say seller buys a car, stolen, police will notify that the car is stolen, belongs to x, and x has filed a report as of date xzy. In the case of NS they don't even say anything which we don't even know if PDD was in it together with Patrick. Or that NS did something stupid, they just locked the Seller's account, there was no filing that PDD was stolen, Patrick reported to NS that it is stolen, but the situation got bigger, so Patrick left the scene, NS just reverted back to the former owner.

There's a bunch possibilities that NS screw up, the thief Patrick screw up, he may be thinking that he would resell it again, instead NS covered their own track by not saying anything. And there's a possibility that PDD is in it with Patrick, or PDD sold it to Patrick a few years ago for cheap x,xxx and PDD wants it back, and Patrick is a con man and decides that its time to give back.

We don't know what the situation is, or the seller for some really stupid reason is the hacker? Which makes no SENSE.

------------------
I think the Seller should contact NS ask why his account was frozen, and who filed a complaint against him and when was that filed. IF someone filed a complaint against my account I have the rights to know.

In the case NS/Web is irresponsible in not saying anything. When doing business, one should be transparent and fair, and have some integrity. I don't think I will do business with Network Solution or Web in the future. Should you be able to know who filed a complaint against you and for what reasons? Without going through the lawyers?

NS/Web is not transparent in this case, and lack of integrity. And a few other companies if it comes to this. I am also wondering what the OP seller is doing in this situation?
I sent emails like you said to ask NS and web.com,NS don't give me back,web.com just told me wait.
 
2
•••
My assumptions.
1) There are more than 1 thief, unsure of what they are doing
2) They operate on Saturday and Sunday, which PDD may no longer be in service
3) Very suspicious that they go back and forth to privacy even before the sale and after the sale. Meaning they are somehow connected to PDD or PDD has sold it off or left it gave it away for cheap to someone inside.

Who are you assuming the other thief is?

I think an important detail that hasn't really been touched on is the RBG.com domain I mentioned earlier, that was associated to the email that sold OP the domains.

Notice, WHOIS email is in @RBG.com & name servers stay at worldnic...

upload_2018-1-11_18-40-27.png


RBG appears to stay under privacy until Patrick Sitrok's (seller of PDD.com / 3620.com) info appears for a few days, then WHOIS goes back to the prior 2016 WHOIS owner (before privacy) with one minor detail changed regarding the address, One North = 1 N.

upload_2018-1-11_18-39-24.png
 
Last edited:
3
•••
@American , my friend. I was not searching for you. I was trying to see which gender pops up for the names as shared by you - " you can find the domain under my name "yue er" or "lou zhiyong"."
Results were pretty confusing as you can see. But that's something that can be explained only by you.

@tech4 Yes. SEDO does that. But they won't divulge anything unless they see the Law enforcement agency up their offices.
I'm already told you.If you use google or others to search a not famous Chinese or American,you can't find anything,it's the same as you can't use google to find someone named patrick.sitrok.
 
0
•••
[QUOTE =“Grilled,post:6519350,member:963724”]你认为另一个小偷是谁?

我认为一个没有被真正触及的重要细节是我之前提到的RBG.com域,它与销售OP域的电子邮件相关联。

请注意,WHOIS电子邮件在@ RBG.com&域名服务器停留在世界各地...

[ATTACH =满] 77531 [/ ATTACH]

RBG似乎保持隐私,直到帕特里克Sitrok(PDD.com / 3620.com卖方)信息出现几天,然后WHOIS追溯到2016 年前的 WHOIS所有者(隐私之前),有一个地址,一北= 1 N.

[ATTACH =满] 77530 [/ ATTACH] [/ QUOTE]
Who are you assuming the other thief is?

I think an important detail that hasn't really been touched on is the RBG.com domain I mentioned earlier, that was associated to the email that sold OP the domains.

Notice, WHOIS email is in @RBG.com & name servers stay at worldnic...

Show attachment 77531

RBG appears to stay under privacy until Patrick Sitrok's (seller of PDD.com / 3620.com) info appears for a few days, then WHOIS goes back to the prior 2016 WHOIS owner (before privacy) with one minor detail changed regarding the address, One North = 1 N.

Show attachment 77530
he also said he has vdg.com.
thank you.
 
0
•••
The seller sent the first email to me and told me he is the 3620.com seller.
i check my sedo.com Transfer Documents,it's the same email address.Show attachment 77423

Can you post that screenshots of that email as well? To include all contact you had with Patrick. This is important, and may reveal additional info. Thx.

In the mail, his time zone appears UTC + 2: 00, but his ip address is the United States, which is obviously impossible.

Did you share that IP address / info with escrow.com, and network solutions so they can use it in their investigation?

Also, as you say you have gathered his IP, can you answer if you've shared that info with NetSol, Escrow, Sedo, and possible law enforcement?

I also want to note, if you have his IP, that you should message it to NamePros staff. I don't believe they will be able to give you much, if any, user information (if exists), but they may be able to add additional info to the proper authorities, if IP address matched a hit. If you don't send NP anything, I don't assume they would get involved, as I don't assume Escrow (or others involved) will be reaching out to NP with info requesting additional info. Though, it would be great if the industry collaborated for such things. Even if NP doesn't have any hits from that IP, if it was a legit IP, then NP may identify the scammer if the scammer makes his way to NP...
 
Last edited:
1
•••
Who are you assuming the other thief is?

I think an important detail that hasn't really been touched on is the RBG.com domain I mentioned earlier, that was associated to the email that sold OP the domains.

Notice, WHOIS email is in @RBG.com & name servers stay at worldnic...

Show attachment 77531

RBG appears to stay under privacy until Patrick Sitrok's (seller of PDD.com / 3620.com) info appears for a few days, then WHOIS goes back to the prior 2016 WHOIS owner (before privacy) with one minor detail changed regarding the address, One North = 1 N.

Show attachment 77530

I think you have something. RBG is Rubin Brown an accounting firm in MO. Could this Patrick somehow connected to that firm? Because according to Whois, if Networksolution finds out that Patrick is a thief, removed the PDD back to whoever is [email protected] shouldn't his account be block? On the 6, PDD was reversed by NS/Web, but on the 7, RBG is still with this "Patrick".

Then later, it is now back to supposedly RBG. I am not sure what to make of this. Did Networksolution reply to a "hey my domain got stolen" by PDD or was it by "Patrick" ? And is Patrick somehow related to RBG????

How are these domains easily be stolen from 1) An accounting firm 2) An IT firm????

I can't figure it out.

---------------RBG.com went into privacy for more than a year
What????? Is there a theft? Or is it someone from RBG?
 
Last edited:
0
•••
Back