IT.COM

[RESOLVED] - Domain Name Stolen...A Horrible Story and a Warning...

NameSilo
Watch
Impact
346
Hi All. I've not been in here for a number of years, but a week ago I had my domain of 20 years (dustie.com) stolen and I have to tell the story. it looks like I'm out of luck here, and out a lot of money, but maybe my story can help prevent this happening to someone else. This happened at Godaddy, though I don't blame them, and i still have all of my domains with them, as well as my websites. I blame the no good slimy thief who stole my domain name!

Here's the story... First off, my name is Dustie, and I've owned Dustie.com since 1998.
Sometime in 2017 (I think) I decided to go ahead and list dustie.com as a premium domain for a high price. It being my name, I wasn't real keen on selling it, but, as they say, everything is for sale for the right price. I'd had someone offer me 5,000.00 for it, but after taxes (it would have put me in a higher tax bracket for the year) and commisison, it wasn't worth it wasn't worth it to sell it for that amount. However, I figured that if someone were willing to pay that for it, maybe someone would pay even more. So I listed it as a premium domain for 20,000.00. I seriously didn't think it would sell but it woudn't hurt to list it (or so I thought).

All was well, until a bit over a week ago. I had been out that evening and didn't get home till nearly 10:00 PM. It was 11:00 before I was able to get onto the computer. That's when I saw the 5 emails from Godaddy.... I'm sure you can imaging my reaction when I saw that, within 20 minutes, my domain name, dustie.com, which I have owned since 1998, sold and transferred for a mere 450.00? I was sick...simply sick. How could this happen! First off, I've never had a domain name sell and transfer inside of 21 minutes and then be paid for it a little over a day and a half later. That's unheard of!

Immediately after reading those 5 emails and realizing my domain name had sold for less then 5% of what I'd had it listed for on Premium Domains, I was online with Godaddy help. Though they were sympathetic, no one there could help. They said I'd have to wait till morning and call auctions help. Needless to say, I didn't sleep well and was on the phone as soon as they opened their office. Though I was on the phone for a good 30 or so minutes with them (a good part of that time on hold), I was ultimately told there was nothing they could do for me. My domain was bought, paid for, and transferred and that was that! (Oh, and this even though they found the price had been tampered with twice that same night, long before I got online). They said this had to be me because no one else had access to that account! That was proof to me that someone was in there messing with my account and screwed me over big time, but not to them.

So I've been sick all week...trying to forget that someone illegally reached into my pocket and stole a lot of money , as well as my NAME! Needless to say, even a week later, I'm just sick about the whole thing.

Today, on a lark I looked up dustie.com on godaddy and was sick all over again when I saw that it is now listed as a premium domain for 12,000.00 (by the person who stole it from me?). That's just wrong, in so many ways! How do I get over this? I want to know how this could have happened!!??

I am posting in here as a warning to you all, as well as wanting to go on record that this did happen, regardless that the guy at [email protected] said that dustie.com had always been listed at 450.00 and it was a legitimate sale! I know how to use GoDaddy. I'm a long time user and have over 50 domain names with GoDaddy, more the half listed as premium domains! Ever since Dustie.com was originally listed as a premium domain at 20,000.00 that was the price that showed up whenever I went to maintain my premium listings. It always stuck out like a sore thumb, because most my other domain names are listed below 1000.00. There is simply no way Dustie.com was ever listed for as little as 450.00. Even go daddy suggested a price of nearly $5,000 as a premium listing starting point for dustie.com.

Without a doubt, my godaddy account was hacked and my domain name of 20 years stolen from me and relisted for 27 times what they paid for it! That burns me to the core!!!

I'm sure that, since this happened to me it will surely happen again. If any of you hear about such a thing, could you please have them get in touch with me? If I can find others that this has happened to, maybe we can do something as a group?

In the meantime, if you have a valuable domain name on Godaddy Premium domains, then you might want to take screen shots of the listed prices. Also, I was told that if I had the original email when it was listed that would be proof that it was listed at 20,000.00. Alas, I did not have it...I had, not long ago, deleted emails that were more then a year and a half old. If you don't have emails for your most valuable domain names, then remove them from listing, then relist them to get a new email and save those emails just in case!!

And Thanks for listening to my very long rant!

Dustie
(was [email protected] for over 20 years...now I am [email protected] and my site is dustie.art ... cool name, but it's certainly not worth what I lost in dustie.com!)
 
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Wonderful story.. I am glad we have a happy ending here. I really admire @maxtra cooperation to resolve this issue.

But still this is a very curious case that deserves more investigation. The Afternic manipulation theory is the most probable explanation and a very scary one! anyone can add your domains if they are not listed at Afternic by you and then manipulate your domains prices if your domains are listed at Godaddy marketplace. I noticed that Afternic adds my domains without any verification, I know that because whois info for all my domains are private, in Sedo I need to add TXT record to verify ownership for each domain, while at Afternic I am not required to do that, how do they verify my domains without whois and without TXT record is something I always wondered about. I think they just add domains without any verification which if true is a big loophole with the size that an elephant can go through.

You still need to accept Afternic's fast transfer for this loophole to work, but considering that Godaddy is Afternic and in case the buyer and seller are both at Godaddy, then there is a possibility that fast transfer is not needed in first place for the OP scenario to happen. I hope that this is not the case and i hope that @Joe Styler investigate this more and tell us if this is possible.
 
Last edited:
4
•••
The Afternic manipulation theory is the most probable explanation and a very scary one! anyone can add your domains if they are not listed at Afternic by you and then manipulate your domains prices if your domains are listed at Godaddy marketplace.

It's even worse than that, as reported in the Aftenic bugs thread:
https://www.namepros.com/threads/problems-bugs-and-fixes-at-afternic-report-problems-here.1006373/

Basically people found their listings at Afternic kept getting removed and appearing in another account. What came out is there are Afternic "superusers" who can just upload a spreadsheet with any domains they like and that will overwrite existing domain entries. So these superusers as far as I know still exist and can override even prices of domains you have already listed in your account at Afternic.

Godaddy never fix anything at Afternic, but really there should be a way to disable fast transfer there (there is at Sedo). When I asked I was told the only way to do it was download a spreadsheet of all your domains and settings, then delete all domains at Afternic, then upload the spreadsheet again and so fast transfer would be disabled by default on all those now newly listed domains. The problem there is a sane person would then have to check the painful 50 item-per-page-by-page entries to be sure the spreadsheet had uploaded ok. Another case of GD offloading pain and inconvenience and risk onto customers instead of spending a bit from their huge profits to fix basic problems at source.
 
Last edited:
6
•••
img27.jpg

anrainbowtnks.gif


DUSTIE.COM IS HOME SAFE AND SOUND AND SHE'S RESTING PEACEFULLY WITH ALL HER DOMAIN NAME FRIENDS!
img27.jpg
anrainbowtnks.gif
 
22
•••
5
•••
Sorry...guess I thought it was worth repeating! LOL... AND IT IS!
 
0
•••
@Dustie - Congrats! A bit of a change from your first post :)
 
1
•••
img27.jpg

anrainbowtnks.gif


DUSTIE.COM IS HOME SAFE AND SOUND AND SHE'S RESTING PEACEFULLY WITH ALL HER DOMAIN NAME FRIENDS!
img27.jpg
anrainbowtnks.gif
Now change the nameservers to the hosting you had some your old email will work. Also enable 2FA verification on your GD account.

Congrats and salute to @maxtra and @MapleDots .
 
4
•••
@Dustie - Congrats! A bit of a change from your first post :)
Stub, you are so right! I never in a million years thought anything like this would happen when I posted that first post. At that time I just new that the name was gone for good. I just wanted to warn others of, what I thought was domain theft, and instead found Matrix and MapleDots and all of you and got my domain back! We are all made whole and it's been one HELL OF AN AWESOME JOURNEY!
 
2
•••
Abudullah... I have already enabled 2FA. Can I have both [email protected] and [email protected] come to the same GoDaddy 365 Email account? I've been changing it all over the place and now want to use both emails.

Can anyone explain the Locking system that's been mentioned in here? I don't have Wordpress though?
 
1
•••
Abudullah... I have already enabled 2FA. Can I have both [email protected] and [email protected] come to the same GoDaddy 365 Email account? I've been changing it all over the place and now want to use both emails.

Can anyone explain the Locking system that's been mentioned in here? I don't have Wordpress though?

You don't need the locking system if you don't have WP. It's specific to WP. Which if it isn't constantly updated, both WP & the Apps, then it can lead to vulnerabilities in the future. You can sleep tight with 2FA, provided you are not prone to losing your phone.
 
0
•••
Abudullah... I have already enabled 2FA. Can I have both [email protected] and [email protected] come to the same GoDaddy 365 Email account? I've been changing it all over the place and now want to use both emails.

Can anyone explain the Locking system that's been mentioned in here? I don't have Wordpress though?
I dont know about your email setup but I think a catchall can be made. 365 email is from Microsoft and you can ask both GD and Microsoft support as GD links to this site https://officeactivationsetup.com/

Edit: I actually asked the guys at that link I shared as they have live chat and they said yes, it is possible.
 
Last edited:
0
•••
provided you are not prone to losing your phone.

Oh No! I'm on my 5th phone inside of two years. One is at the bottom of an Alligator infested lake, one got soaked in my pocket at another lake, one got run over by a car, one got lost and now I'm on number 5. What happens if I lose my phone???
 
1
•••
1
•••
Don't expect much luck from that. They have said they cannot find anything wrong with their system and have washed their hands of this transaction. Refusing to get involved and leaving the sale as valid. There isn't much goodwill with that. Except from @maxtra.

Hi @stub -

I agree.

But wouldn't it be a solid response by GoDaddy and demonstrate a huge amount of credibility if they did!

We are not talking about "confidential information" for Dustie's account - we are simply talking about timestamps of certain events that have been discussed extensively in this thread. And also want to know how this $450 price point was implanted. If GoDaddy says "we don't know" then we are F'kd - as this is a Risk Management issue that deserves a specific Root Cause analysis and result..

And not a single one of those dates are "Top Secret" (nuclear code) type data points. They are only date stamps and event time stamping.

The problem I have with how this is playing out - is their is too much jubilee at the moment about the name being in the transfer mode back to Dustie- and not enough effort is being made to get to the ROOT CAUSE of this problem.

This ROOT CAUSE is super important to all of us that have a GoDaddy account. And sugar coating a dog turd does not make it a Babe Ruth bar!!

Meaning - the fact that good will is being exhibited to return the domain to Dustie is terrific and admirable, but damn - let's get real here - something happened that caused this cluster of a mess - and simply sugar coating it by saying "we found no issues" is too simple and generic a response.

Every communication I have ever had with Joe has been super professional. He is focused and responsive to NamePros members questions. Thank you! But this is an opportunity for GoDaddy to shine! With full transparency on a topic that at the moment is quite public and concerning.

This thread demonstrates there is an undercurrent (undertow) feeling about this situation. Why not provide full transparency to the reasonable questions I asked in my earlier post. If "VP" level GD employees were involved, they must (or at least hopefully) had data provided to them for them to draw their conclusions.

This is a perfect moment for GoDaddy to shine. I am not asking for Trade Secrets or "Proprietary" information. Just asking for a simple timeline of events based on their raw data findings.

And if someone says.... "they found nothing unusual"... then why not published the data and share the data they used to render that opinion!

Let us... as domain investors... render our own conclusion!!

We aren't a stupid lot and many of us have operated multi-million dollar businesses and have had to participate in Risk Management exercises / Root Cause analysis & exploration.

-Cougar
 
Last edited:
5
•••
Oh No! I'm on my 5th phone inside of two years. One is at the bottom of an Alligator infested lake, one got soaked in my pocket at another lake, one got run over by a car, one got lost and now I'm on number 5. What happens if I lose my phone???
Did you setup the 2FA with SMS or Google Auth? With SMS you just need to have the SIM/number, but with GoogleAuth, YOu will need to have access to that app as it will generate secret codes that change in every 30 seconds.
 
0
•••
Oh No! I'm on my 5th phone inside of two years. One is at the bottom of an Alligator infested lake, one got soaked in my pocket at another lake, one got run over by a car, one got lost and now I'm on number 5. What happens if I lose my phone???

It's a hassle in more ways than 1. I haven't had to go thru that at GoDaddy. But for sure you cannot log into your control panel or do renewals and stuff. Until it's fixed. I have 1 phone sitting on my computer desk, specifically for domaining. It never leaves the house. Even that can be a problem, because if it doesn't get used the sim card expires :(
 
1
•••
Wonderful story.. I am glad we have a happy ending here. I really admire @maxtra cooperation to resolve this issue.

But still this is a very curious case that deserves more investigation. The Afternic manipulation theory is the most probable explanation and a very scary one! anyone can add your domains if they are not listed at Afternic by you and then manipulate your domains prices if your domains are listed at Godaddy marketplace. I noticed that Afternic adds my domains without any verification, I know that because whois info for all my domains are private, in Sedo I need to add TXT record to verify ownership for each domain, while at Afternic I am not required to do that, how do they verify my domains without whois and without TXT record is something I always wondered about. I think they just add domains without any verification which if true is a big loophole with the size that an elephant can go through.

You still need to accept Afternic's fast transfer for this loophole to work, but considering that Godaddy is Afternic and in case the buyer and seller are both at Godaddy, then there is a possibility that fast transfer is not needed in first place for the OP scenario to happen. I hope that this is not the case and i hope that @Joe Styler investigate this more and tell us if this is possible.


@Ostrados -

Exactly!!

-Cougar
 
0
•••
Hi @stub -

I agree.

But wouldn't it be a solid response by GoDaddy and demonstrate a huge amount of credibility if they did!

We are not talking about "confidential information" for Dustie's account - we are simply talking about timestamps of certain events that have been discussed extensively in thread. And also want to know how this $450 price point arrived.

And not a single one of those dates are "Top Secret" (nuclear code) type data points. They are only date stamps and event time stamping.

The problem I have with how this is playing out - is their is too much jubilee at the moment about the name being in the transfer mode back to Dustie- and not enough effort is being made to get to the ROOT CAUSE of this problem.

This ROOT CAUSE is super important to all of us that have a GoDaddy account. And sugar coating a dog turd does not make it a Babe Ruth bar!!

Meaning - the fact that good will is being exhibited to return the domain to Dustie is terrific and admirable, but damn - let's get real here - something happened that caused this cluster of a mess - and simply sugar coating it by saying "we found no issues" is too simple and generic a response.

Every communication I have ever had with Joe has been super professional. He is focused and responsive to NamePros members questions. Thank you! But this is an opportunity for GoDaddy to shine! With full transparency on a topic that at the moment is quite public and concerning.

This thread demonstrates there is an undercurrent (undertow) feeling about this situation. Why not provide full transparency to the reasonable questions I asked in my earlier post. If "VP" level GD employees were involved, they must (or at least hopefully) had data provided to them for them to draw their conclusions.

This is a perfect moment for GoDaddy to shine. I am not asking for Trade Secrets or "Proprietary" information. Just asking for a simple timeline of events based on their raw data findings.

And if someone says.... "they found nothing unusual"... then why not published the data and share the data they used to render that opinion!

Let us... as domain investors... render our own conclusion!!

We aren't a stupid lot and many of us have operated multi-million dollar businesses and have had to participate in Risk Management exercises / Root Cause analysis & exploration.

-Cougar

Whilst I agree with everything you are saying. It's never going to happen because their investigation found no problem with the sale, and they refused to intervene. They let the sale stand. Anything concerning the return of the domain was entirely between the buyer and the seller.

Do I believe this is the actual case? Well.... nooo :) Do I believe they did not find any evidence to intervene...It's possible. But they are never going air their dirty laundry in public. Much easier to say they found nothing wrong with the original sale. When they already know the 2 parties have already agreed on a remedy.

Everything Joe has been doing is purely for good customer relations. Over Easter. When he probably should be at the beach with the family :)
 
Last edited:
0
•••
Cougar, I am satisfied that GD did all they could. They dated the change from 20,000.00 to 450.00 around the same time I actually did make some price changes to some of my domain names, and they found no unwanted or untoward "trespass" nor could they find any glitches or errors. They never mentioned the price changes noticed by the tech guy when I was on with them after the name sold.

I did run into some GoDaddy error pages that day I was making changes. They would say something like "This page is not available now...Please try back later". Finally I just gave up and went onto something else. They looked for evidence of those to see if that might have had something to do with what happened, but found nothing. So, in the long run, they had no choice but to surmise that it was through no fault of theirs that this happened. They didn't say, but I know from their end it looked like I'd made a mistake on my part. All I can say is, if it was my mistake, it was certainly one doozy of a mistake!

I didn't post more then just a synopsis of Joe's emails here, because I felt that if Joe wanted to share his emails with everyone, that would be up to him, not up to me. Hope this helps...
 
1
•••
@Dustie - We are all very happy that it worked out so well for you :) Because if it had not been because @maxtra was a NP member, and GD not finding anything wrong with the sale. Things would have looked awfully different :(
 
Last edited:
0
•••
>> But they are never going air their dirty laundry in public. Much easier to say they found nothing wrong with the original sale. When they already know the 2 parties have already agreed on a remedy.


@stub -

I agree.

And this is the "Babe Ruth" bar I'm taking about. It's sugar coating a turd!!

It's admirable what has happened and the good-will offered by several NamePros members, but we have become enablers!

We have let GoDaddy off the hook, basically enabling them to wipe their hands of it too easily, and should ask (demand) a higher standard.

I have no ill will with Joe. He's a top shelf guy! And I appreciate each and every time his is involved.

But the problem I have is we are investing cash / our hard earned funds - and trading in domains.

A financial institution is held to a a fiduciary responsibility. Why are we accepting this as "okay".

My basic point - this WILL HAPPEN AGAIN if the Root Cause is not fully investigated and data results publicly reviewed/scrutinized.by industry lay.

And the next time it happens, the receiving buyer might not be so generous!

I am not crying wolf here... or the sky is falling... I am merely a business person intelligent enough to interpret data and draw my own conclusions.

As is every other person on this thread!

I am passionate about this topic because I've spent a career sifting thru the mud of Educational Testing Fraud, Check Fraud Detection, Check Clearing Risk Management, Acquisition Due Diligence, Inventory Audits, Retailer Fraud, MAP Pricing Deviations, and a pile of other (not so glamorous) Employee "Red Flag" behavior.

Yes - this is a hot topic for me - because I (like you) have my money invested in these products.

And I don't like flying blind.

-Cougar
 
2
•••
@Dustie -

Thank you for your response.

Did GD specifically indicate that the "change request" from $20,000 to $450 was specifically tagged as having been initiated from your GD panel?

Please advise.

-Cougar

ps: Yes, like Stub mention, I am happy you have your domain back...Congrats! But if we don't have a perfectly clear (and documented reason) for how this transpired, we are naively flying blind. Thanks.
 
0
•••
>> But they are never going air their dirty laundry in public. Much easier to say they found nothing wrong with the original sale. When they already know the 2 parties have already agreed on a remedy.


@stub -

I agree.

And this is the "Babe Ruth" bar I'm taking about. It's sugar coating a turd!!

It's admirable what has happened and the good-will offered by several NamePros members, but we have become enablers!

We have let GoDaddy off the hook, basically enabling them to wipe their hands of it too easily, and should ask (demand) a higher standard.

I have no ill will with Joe. He's a top shelf guy! And I appreciate each and every time his is involved.

But the problem I have is we are investing cash / our hard earned funds - and trading in domains.

A financial institution is held to a a fiduciary responsibility. Why are we accepting this as "okay".

My basic point - this WILL HAPPEN AGAIN if the Root Cause is not fully investigated and data results publicly reviewed/scrutinized.by industry lay.

And the next time it happens, the receiving buyer might not be so generous!

I am not crying wolf here... or the sky is falling... I am merely a business person intelligent enough to interpret data and draw my own conclusions.

As is every other person on this thread!

I am passionate about this topic because I've spent a career sifting thru the mud of Educational Testing Fraud, Check Fraud Detection, Check Clearing Risk Management, Acquisition Due Diligence, Inventory Audits, Retailer Fraud, MAP Pricing Deviations, and a pile of other (not so glamorous) Employee "Red Flag" behavior.

Yes - this is a hot topic for me - because I (like you) have my money invested in these products.

And I don't like flying blind.

-Cougar

The best we can do is to take note of what has happened, and act accordingly. If we believe this is a fault of their system. Then it behooves us to remove our domains from Godaddy's Registrar. Which I did a long time ago. So I reject any accusation of being complicit, or an enabler here.
 
1
•••
@Dustie please do not forget to check domain contact details. Limited public whois shows the following:
Registrant State/Province: WA
Registrant Country: US
Other details: <hidden from public view>
It was the same yesterday.
So, either both @Dustie and @maxtra reside in WA/US, or the domain still has old ownership details (even being now at home with an original account).

And... congratulations! :)
 
1
•••
Did you setup the 2FA with SMS or Google Auth? With SMS you just need to have the SIM/number, but with GoogleAuth, YOu will need to have access to that app as it will generate secret codes that change in every 30 seconds.

I don't know which way it was set up. I simply set it up by clicking the link in Godaddy to set it up.
 
0
•••
Back