Domains got stolen from my Namesilo [Recovered]

TSB

Yesterday, I was checking domain list in my namesilo account. Found that my 4L.com's were missing. Immediately I've sent mail to namesilo and got a reply like the domains got transferred to another account.

And when I checked the IP login info in the domain transaction history, for these 3 alone the access is from the UK. I shared this info with the namesilo customer support and am waiting for their reply. I'm sure the domains were stolen from my account, but I'm not sure how it happened.

Screen Shot 2018-08-29 at 3.23.02 PM.png


First time facing this problem. I hope a lot of people have gone through this situation. But what is the success rate in getting back the stolen domains?
 
The views expressed on this page by users and staff are their own, not those of NamePros.
@namesilo will no doubt respond with a comment here.
Suggestion for namesilo: implementation of a configurable system of emailed login notifications, for example if a login from a noticeably different location occurred (such as on the screenshot). Up to sending an email about each successful (or unsuccessful) login attempt. And/or denying obviously suspicious login attempts like this one (185.220.101.44 is a Tor exit node).
@TSB - do you have 2FA enabled with namesilo?

Edited: I just found that emailed notifications are already available at namesilo. Right into "proactive notifications" config. It might still make sense to implement a default (non-configurable) email notification of unusual correct logins, and of all incorrect logins though.
 
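The login check suggested in the post above, sketched as an added example; it is not NameSilo's code and not part of the original thread. The event fields, the account name, the sample log and the exit list are constructed assumptions (only 185.220.101.44 comes from the thread), and the country is assumed to come from a GeoIP lookup done upstream.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed stand-in for a Tor exit list; a real deployment would refresh it
# from a published exit list. 185.220.101.44 is the address named in the
# thread, the second entry is a documentation-range placeholder.
TOR_EXITS = {ip_address("185.220.101.44"), ip_address("192.0.2.77")}

@dataclass(frozen=True)
class Login:
    when: str      # ISO-8601 UTC timestamp
    account: str
    ip: str
    country: str   # country code from a GeoIP lookup (assumed done upstream)
    ok: bool       # True if the credentials were accepted

def review_logins(events, tor_exits=TOR_EXITS):
    """Return (event, action, reasons) for every login that needs a response."""
    seen = {}      # account -> countries of earlier accepted, non-Tor logins
    findings = []
    for ev in sorted(events, key=lambda e: e.when):
        known = seen.setdefault(ev.account, set())
        via_tor = ip_address(ev.ip) in tor_exits
        reasons = ["tor-exit"] if via_tor else []
        if not ev.ok:
            reasons.append("failed-login")
        elif known and ev.country not in known:
            reasons.append("new-country")
        if ev.ok and via_tor:
            findings.append((ev, "deny", reasons))    # block or step-up challenge
        elif reasons:
            findings.append((ev, "notify", reasons))  # email the account owner
        if ev.ok and not via_tor:
            known.add(ev.country)  # only trusted logins extend the baseline
    return findings

# Constructed sample log (documentation-range IPs except the Tor exit).
SAMPLE = [
    Login("2018-07-01T09:12:00Z", "demo-user", "203.0.113.10", "US", True),
    Login("2018-07-10T18:40:00Z", "demo-user", "203.0.113.10", "US", True),
    Login("2018-07-15T03:02:00Z", "demo-user", "198.51.100.23", "DE", False),
    Login("2018-07-19T02:15:00Z", "demo-user", "185.220.101.44", "GB", True),
    Login("2018-07-20T08:00:00Z", "demo-user", "203.0.113.10", "US", True),
]

if __name__ == "__main__":
    for ev, action, reasons in review_logins(SAMPLE):
        print(ev.when, ev.ip, ev.country, action, ",".join(reasons))
```

A denied login is deliberately kept out of the per-account baseline, so a later login from the same new country is still reported.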
@tonyk2000, actually I didn't enable it, but I enabled right after finding this.
 
I've enabled all of my other registrars except this. My bad.
 
It’s under domain history on the right side bar
 
I get an email every time I push or receive a domain. Any movement. Thought that was automatic.
 
I get an email every time I push or receive a domain. Any movement. Thought that was automatic.
Yes, indeed. It is likely an ICANN requirement... @TSB did you receive any domain push notification on 19/7? Or any sort of email notifications, like a change of account email etc.?
 
no IP nor location shown in domain history.

Click the View Details under Details in Domain Activity History, it will open a popup with info.
 
Nope, I haven't received any.
So it may well be that your email account was also accessed by the person who stole the domains :(
They might delete it from the inbox before you checked email.
 
It should be able to be traced
 
Click the View Details under Details in Domain Activity History, it will open a popup with info.

I did, I still get nothing like what I see in your screenshot.
Anyway, let's not change the subject of the thread :)

I wish you all the luck getting your domains back. Thanks for letting us know.
 
Since it was accessed from TOR, the real location of a hacker cannot be traced based on IP. What can be found out is what happened with the domain pushed, they are likely not with namesilo already. Might be sold or resold 1 or more times... including to other domain investors. In any case, a separate warning post on this forum with the list of domains (stolen - do not buy) will not harm I think.
 
they are likely not with namesilo already. Might be sold or resold 1 or more times

When I checked the Whois lookup they are still with name silo
 
When I checked the Whois lookup they are still with name silo
Then NS should help you get them back. Hopefully the domains are locked in the hacker's account.
 
Please share the domain names, so that we can skip buying those domains if someone offered us the same...
 
Hi guys,

The domains are still with us so we have blocked the ability to transfer out while we investigate.
TSB - let's take this convo back to support chat.
 
Yesterday, I was checking domain list in my namesilo account. Found that my 4L.com's were missing. Immediately I've sent mail to namesilo and got a reply like the domains got transferred to another account.

And when I checked the IP login info in the domain transaction history, for these 3 alone the access is from the UK. I shared this info with the namesilo customer support and am waiting for their reply. I'm sure the domains were stolen from my account, but I'm not sure how it happened.

First time facing this problem. I hope a lot of people have gone through this situation. But what is the success rate in getting back the stolen domains?
Your vigilance has saved you. Just follow up and get back your domains. Cheers
 
Hope you get your names back - Please keep us updated
 
This is undoubtedly something you have checked, but they were not in any chance for sale on Afternic premium network with fast transfer enabled, and they have actually sold, but for some reason you did not get (maybe spam filter?) the Afternic notification of the sales? There was a post a while back that a NP member thought his domain was stolen and that turned out to be the answer.

Anyway, I hope that it does get resolved.

ps I presume you have checked to see what you can find out about the IP address where right now.
 
So it may well be that your email account was also accessed by the person who stole the domains :(
They might delete it from the inbox before you checked email.
Maybe there is a filter that deletes all mail from namesilo.com. I hope the OP was not using the same password for E-mail and all online services...
 