- Impact
- 307
Moniker is now the worst registrar on the market, stay away from them, believe me or your portfolio will be at risk ... and they'll never care about your problems or better, they'll cause new ones if you'll open a support ticket.
DON'T believe to their emails related to security feature improvements, they're now among the unsafest registrars.
Many accounts have been hijacked in the latest weeks and dozens of domains have been fraudulently transferred away, in some cases the MaxLock was ON.
Let share our recent experience and, even if we can't mention the involved domains (still unver investigation), I can assure that all facts have been reported exactly as they happened.
One of our most valuable domains (worth over $1M and I'm serious here, it's something kept private and never shared in the forums because not for sale) has been fraudulently transferred away to another registrar (that I'll not mention to avoid any possible unwanted investigation from someone a bit curious), this happened in September but only in the first week of October we've been aware of that now, how has it been possible ?
See by yourself why Moniker is no longer reliable now: "someone" hacked our account and consider we were using Whois Proxy on that domain while our password was safely stored in an external flash drive, no way to retrieve it without answering to 2 secret questions.
Our email account hasn't been hacked nor involved in this story, this means the hacker has used a dif. way to get access to the account.
He didnt change password but he created a default handle (with a similar email) so he changed it in whois for all contacts (and we got no email notification when he did this ... Is this normal ? I doubt and I've read about other similar cases in Googloe).
For a lucky case we logged in the account few weeks later and saw our most valuable domain was no longer there; under the same account, we had also other 2 premium names that he didn't steal so we've created a new Moniker account (on the moment) and pushed them there to safeguard our remaining assets.
From there, we did a second push to another account (this time towards a second old account that we owned for few years and where we had other domains too).
In this way, we hoped to make the hacker life harder.
Done this, we've opened multiple tickets at Moniker (one every 2/4 hours) to make Moniker aware of this incident and we've explained what we did to safeguard our other assets apart asking for their cooperation to work together to get back our stolen domain.
02-Oct-2014: For security reasons and with no explanation (so far) they've locked our second account (the one where we moved the other mentioned domains) so we've submitted multiple tickets to explain again that we've moved our domains under it to take them away from the hacker hands.
We got a reply (just once) saying they were investigating, no more news from that moment.
QUICK RECAP:
1. An hacker has fraudulently transferred away from Moniker one of our domains, they refused to help to get it back, they told to contact a court under the new registrar jurisdiction to get the domain back and ok we did and we're now working with a "very expensive lawyer" to get a subpoena, to proof an hacker has stolen the domain and, maybe, to get it back ... who knows when.
2. As a "good gesture", Moniker has frozen our second account and we're waiting since over a month to hear back by them to know how getting it back ... Basically they've stolen our remaining domains.
Now our lawyer will work on this case too.
Don't think to send a copy of your id to get the account back, in such cases: they'll just ignore you and your docs as they did with us
Again and again: leave them forever, you can no longer trust this company.
Just a final update: yesterday I've posted this same thread in another forum but I've also mentioned about our intention to add a negative review to Moniker.com at BBB.org and wow, it's a magic: since few hours the company is no longer listed there, there're some indexed Google urls at bbb.org which talks about Moniker.com but all those pages have been removed as well.
This means someone from Moniker is surfing through all forums to read about our complaints simply they continue to ignore us.
I've recently read about a similar case of a stolen domain where the hacker used the same tactic described in our issue: he changed the main account holder email (and all whois contact emails) with a new one similar to the original, the registrant got no notice about this change so he transferred away few of his domains.
This happened few weeks ago (for what I read) and the guy has been able to call Moniker and to get a reply, it seems Moniker had no ip logs in their records about the days in whom his account has been hijacked; how can this be ?
I'm starting to suspect there's something of strange here: too many stolen domains in the latest few weeks isn't normal, there's someone "inside" this company who's cooperating with an external person to grant him access to multiple accounts and premium domains and to assist with the email change, being sure the registrant/account holder gets no notice about that.
Ok, it's just an hypothesis but I'm seriously thinking it's a good idea leaving them forever until you can.
DON'T believe to their emails related to security feature improvements, they're now among the unsafest registrars.
Many accounts have been hijacked in the latest weeks and dozens of domains have been fraudulently transferred away, in some cases the MaxLock was ON.
Let share our recent experience and, even if we can't mention the involved domains (still unver investigation), I can assure that all facts have been reported exactly as they happened.
One of our most valuable domains (worth over $1M and I'm serious here, it's something kept private and never shared in the forums because not for sale) has been fraudulently transferred away to another registrar (that I'll not mention to avoid any possible unwanted investigation from someone a bit curious), this happened in September but only in the first week of October we've been aware of that now, how has it been possible ?
See by yourself why Moniker is no longer reliable now: "someone" hacked our account and consider we were using Whois Proxy on that domain while our password was safely stored in an external flash drive, no way to retrieve it without answering to 2 secret questions.
Our email account hasn't been hacked nor involved in this story, this means the hacker has used a dif. way to get access to the account.
He didnt change password but he created a default handle (with a similar email) so he changed it in whois for all contacts (and we got no email notification when he did this ... Is this normal ? I doubt and I've read about other similar cases in Googloe).
For a lucky case we logged in the account few weeks later and saw our most valuable domain was no longer there; under the same account, we had also other 2 premium names that he didn't steal so we've created a new Moniker account (on the moment) and pushed them there to safeguard our remaining assets.
From there, we did a second push to another account (this time towards a second old account that we owned for few years and where we had other domains too).
In this way, we hoped to make the hacker life harder.
Done this, we've opened multiple tickets at Moniker (one every 2/4 hours) to make Moniker aware of this incident and we've explained what we did to safeguard our other assets apart asking for their cooperation to work together to get back our stolen domain.
02-Oct-2014: For security reasons and with no explanation (so far) they've locked our second account (the one where we moved the other mentioned domains) so we've submitted multiple tickets to explain again that we've moved our domains under it to take them away from the hacker hands.
We got a reply (just once) saying they were investigating, no more news from that moment.
QUICK RECAP:
1. An hacker has fraudulently transferred away from Moniker one of our domains, they refused to help to get it back, they told to contact a court under the new registrar jurisdiction to get the domain back and ok we did and we're now working with a "very expensive lawyer" to get a subpoena, to proof an hacker has stolen the domain and, maybe, to get it back ... who knows when.
2. As a "good gesture", Moniker has frozen our second account and we're waiting since over a month to hear back by them to know how getting it back ... Basically they've stolen our remaining domains.
Now our lawyer will work on this case too.
Don't think to send a copy of your id to get the account back, in such cases: they'll just ignore you and your docs as they did with us
Again and again: leave them forever, you can no longer trust this company.
Just a final update: yesterday I've posted this same thread in another forum but I've also mentioned about our intention to add a negative review to Moniker.com at BBB.org and wow, it's a magic: since few hours the company is no longer listed there, there're some indexed Google urls at bbb.org which talks about Moniker.com but all those pages have been removed as well.
This means someone from Moniker is surfing through all forums to read about our complaints simply they continue to ignore us.
I've recently read about a similar case of a stolen domain where the hacker used the same tactic described in our issue: he changed the main account holder email (and all whois contact emails) with a new one similar to the original, the registrant got no notice about this change so he transferred away few of his domains.
This happened few weeks ago (for what I read) and the guy has been able to call Moniker and to get a reply, it seems Moniker had no ip logs in their records about the days in whom his account has been hijacked; how can this be ?
I'm starting to suspect there's something of strange here: too many stolen domains in the latest few weeks isn't normal, there's someone "inside" this company who's cooperating with an external person to grant him access to multiple accounts and premium domains and to assist with the email change, being sure the registrant/account holder gets no notice about that.
Ok, it's just an hypothesis but I'm seriously thinking it's a good idea leaving them forever until you can.
