4 LLLL.COM Domains Was Stolen on GoDaddy

[netklick]

Four of my LLLL.com domains was stolen and transferred to 22.cn.

The following are the domains. I am in discussion with GoDaddy and I hope to reclaim my domain names.

1) RLYN.COM
2) BMRD.COM
3) RDBY.COM
4) LLCY.COM

I am posting here so you won't buy these domain names. Also I am posting here to get public support in fighting domain theft. It is 2015 and NO ONE should be allowed to run away with digital assets like this. If GoDaddy has the right security measures in place, they would know that the IP logged into transfer the domain name couldn't have remotely matched my IP (nor country most likely).

Whoever took it used Password recovery to gain access to my GD account. Not sure how because they never had access to my email account and that they could not have known my GD account id. So I am puzzled how this could have happened.

Once they gained access to my account, they pushed the domains to another GD account. Then from there on, it seems like they transferred to 22.cn. Isn't there a 60 day hold on account changes?

Please secure your domains, especially if you have LLLL dot coms that are of high value. Please help me get my domain back by talking about this. Like I said, its 2015 and this should not happen. Thank you.

 

[canswift]

shams just explained it canbrit... the "60 day lock" only goes into effect after changes to the REGISTRANT Name or Organization (note, NOT the email address or Admin info at all), REGARDLESS of whether it stays in the same account or moves to another account. The big ouch in that is when someone simply moves the domains to another account without updating the info, which Godaddy seems to make pretty easy to do since with every push we are given the option to keep current contact info, use destination account contact info or enter new details.... so one doesn't have to jump through any tricky hoops to move a domain without updating the info and avoid the 60 day lock.....

here is a good overview of this issue: http://domainnamewire.com/2011/05/13/how-to-avoid-go-daddys-60-day-lock-for-whois-changes/

Well, thanks for the clear explanation (both of you). I previously had two GD accounts for my company (same registrant info for both accounts). When I consolidated account B into account A, it did trigger the 60-day lock. I must have done something to trigger that lock, but from time on I assumed that any account push or change did trigger the lock.

 

[mirul]

@netklick .. Any updates?

 

[netklick]

@netklick .. Any updates?

Just a quick update. I called GD today to get an update. They are still working on it and is waiting for responses from the other registrar (ename).

I heard back from one person who owns one of the domain. He/she said bought it on ename marketplace. Must have been the one day auction or through another method.

I tried to message all new owners (including through privacy protection) to tell them they are stolen domain. Like I mentioned above, only one got back to me and felt sorry for me. Said ename has a lock on the domain. I hope it is a good sign.

So I am hoping they are all doing the right thing to get my domains back to me.

I am also in the process of filing a report with FBI and RCMP (Canadian version) just so it is in the record.

Thanks for all of your support and advice to me. Truly blessed to be part of this forum.

 

[djum]

This is a critical oversight in GD's security system. There MUST be a security step introduced for pushes that keep Registrant/Organization info the same, if this will allow immediate transfer.

No, GD is already not liked by many domainers for throwing second 60-days when you change owner.
Other registrars do not do it and take business from GD because of that.
It need to be changed too.
If you registered at GD, 60-days rule is fine, but adding any 60-days after is no-no and red flag for business.
I had resellers cancel the deal because of that and some simply refuse to negotiate when hear that domain is at GD.

What needs to be implemented is better security. And good tips were offered in this thread.

1. Make it impossible to retrieve password if request is made from different IP, than usual, especially if it's IP of different country. What are the chances that someone who always operated from Europe, India or USA forgot password and moved to China at the same time? 1 chance in the million. And latest stories about stolen names always go with the same scenario. Account compromised at GD via password recovery - domains pushed to different account - transferred to China - sold at Ename.
GD need to stop it in first place. And Ename is running shady auctions and then asking the legit owner to pay for their own domains is bullshit too! They need to give domain back to the owner and make a chargeback from seller's Alipay or whatever they use. It's totally within the power of Ename. Robbing poor guy is just easy choice for them.

2. Second offer for GD is to send confirmation code to the phone every time password reset.

This way even whe someone hacks your email, they can't see the code on the phone.

 

[mirul]

2. Second offer for GD is to send confirmation code to the phone every time password reset.

This way even whe someone hacks your email, they can't see the code on the phone.

+1

Agreed, this is the best solution IMHO...

Cc @Joe Styler

 

[netklick]

Just a quick update, DomainGang wrote another article. Thank you DomainGang for doing such a wonderful job to help me and others alike.

http://domaingang.com/domain-crime/...-victim-of-domain-theft-to-refund-the-buyers/

I also want to thank Michael Berkens for retweeting this story. Also want to thank Rick Schwartz for listening to me and giving me guidance. I have also reached out to few prominent news media. In discussion to hopefully get a story out on this loophole and shady practices.

I am seriously hoping ename will do the right thing. I have not heard back from GD over the past few days. I am sure they are working to figure out what happened and also working hard to get my domain names back.

Thanks for all the feedback and advice provided on this thread.

@Joe Styler - please let us know if there is anything you can share with us. Thanks.

 

[Mahogany]

Update?

 

[netklick]

Update?

Still waiting for details. I asked GoDaddy and they said they are in touch with ename and that ename is investigating. Not sure how long before I get any concrete answers in terms of what went wrong in the first place and then when I will get my domain back.

 

[MasterOfMyDomains]

Thanks for the update. Wish was better news.
@JoeStyler any updates or answers from your end?
I am creating a whole new email just for domains, I am 2 factored everywhere now.
Still a huge loss for netclick, anything we can do, just ask

 

[netklick]

Thanks for the update. Wish was better news.
@JoeStyler any updates or answers from your end?
I am creating a whole new email just for domains, I am 2 factored everywhere now.
Still a huge loss for netclick, anything we can do, just ask

Thank you so much.

Just a word of caution on new emails. When you create a brand new email for your domain names, please make sure you check those emails regularly. You don't want to miss any notification.

 

[MasterOfMyDomains]

All my emails get forwarded to one special email account. I get notifications on my phone from 1st email and second email.
Is it better to use a free provider, or set up [email protected] that you can change and even dissolve at anytime?

 

[netklick]

All my emails get forwarded to one special email account. I get notifications on my phone from 1st email and second email.
Is it better to use a free provider, or set up [email protected] that you can change and even dissolve at anytime?

Free provider that can provide 2 step verification or something strong. Also look into zoho mail if you want to setup your own domain name emails. They do provide very secure email service and I believe they are still free up to 5 emails per domain.

 

[netklick]

Also want to say thank you to DomainString.com for posting my story. Thank you.

https://domainstring.com/stolen-dom...n-com-bmrd-com-rdby-com-llcy-com-were-stolen/

Still waiting for good news...

 

[evanstanlay]

The domain is transferred to ename.com now

 

[netklick]

Update: I still don't have my domain names back. GoDaddy says they are still communicating with ename and that they will notify me once they have a response. Just not sure what that means...

 

[Tytus]

Getting a domain stolen is a nightmare I hope I never have to go through, sorry you have to go through this and wish you all the best in the recovery. Hopefully you hear some good news soon at godaddy.

 

[netklick]

Update

Guys I received an email from GoDaddy's transfer dispute team. They had great news for me for Christmas! They have secured the domain names back from ename. Verisign sided with GD on my case. I am in the process of receiving the four names to my new GD account. Once I have it in my hands again, I will post a detailed update.

I have a lot of people to thank and I will do that properly as well.

 

[StoneRoses]

Update

Guys I received an email from GoDaddy's transfer dispute team. They had great news for me for Christmas! They have secured the domain names back from ename. Verisign sided with GD on my case. I am in the process of receiving the four names to my new GD account. Once I have it in my hands again, I will post a detailed update.

I have a lot of people to thank and I will do that properly as well.

That is great news!, hopefully they are back home soon!.

 

[netklick]

I have not been active but I want to thank everyone that helped me get the domains back.

Yes they came back home. Thank you from the bottom of my heart for all your support!

 

[koskov]

I have not been active but I want to thank everyone that helped me get the domains back.

Yes they came back home. Thank you from the bottom of my heart for all your support!

That's great news!