IT.COM

Best practices for recovering the stolen domain ghh.com?

NameSilo
Watch

Gerard Hughes

Established Member
Impact
18
As some may have seen on domaingang, my 19 year old personal website and email domain, ghh.com, was stolen on 4/7/17. (My registration was paid through 2021.) I'm looking for some best practices for getting it returned. I've read the interview with David Weslow on domainsherpa and have been working to get a bit of a crash course on security and domain crime.

The hacker got access to my ICANN account of record, transferred the domain to eNom, and proceeded to attempt to negotiate sales in my name using the hacked account while the domain is on 60 day ICANN lock.

I've since recovered the email account, but getting the registrars to reverse this rather obvious case of transfer fraud is something I'm still working on. It's frustrating that ICANN, in effect, pretends to consider temporary access to, say, my car keys as proof of permanent legal title to my car. That's simply false as a matter of law. So it is surprising to me that the transfer has not been reversed already, especially given that the hacker clearly has violated their terms of service, has no legal title to the domain, cannot indemnify the registrar, and cannot show up in court to defend this fraud. So, from even just an ordinary risk management perspective, I'd have thought the receiving registrar would be eager to avoid the costs and liabilities of not returning the domain.

Does anyone have suggestions on the best was to communicate to the registrars that it will be most cost effective for them to return it without protracting the issue? Or, for that matter, the best way to communication the the registrars? So far, the responses have been less, well, responsive, than I'd hoped.
 
Last edited:
5
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
I fixed the quote for the missing word that is implied.

With your fix the statement is pointless. So you don't acquire any Trademark rights to the domain name - what difference does that make to the proceedings? I don't need TM rights to have rights to a name. Registering any name with any whois gives you rights to that name irrespective of TM rights, no? If I register WorldsWorstDomain.com I just own that domain - not TM rights.

I don't think anyone has ever argued that a Domain Name = TM rights before.

It has nothing to do with whois privacy
"Respondent registered the domain name using a privacy service. This means Respondent has not publicly associated itself with the domain name. This means Respondent cannot have acquired any rights to the domain name (or a similar trademark) merely by registering the domain name."

Really? He starts with "This means" (starting a sentence with that gets you marks taken off a high-school paper) and that surely refers to privacy service mentioned in the prior sentence. Honestly speaking, that's one of the most grammatically flawed and inaccurate "legal" summaries I've ever read. That fact notwithstanding, I don't know why this panelist thought that privacy and not associating yourself publicly with your domain name somehow removes your rights.

If I put WorldsWorstDomain.com under privacy I still have precisely the same rights to it that I had before ...I've just saved myself the humiliation of associating with the worlds worst domain.

Perhaps he was in awe of Granddaddy Berryhill ;) Maybe he sympathized with the claim that the domain was stolen and just felt it was the right thing to do and threw all the UDRP considerations out of the window.

*My prior post was grammatically worse than the UDRP but this is a forum and my professional capabilities are in no way associated to these posts.
 
Last edited:
1
•••
I hadn't read the decision, just what you wrote. The UDRP is about trademark rights and not just general "rights" which is why I added that implied word. Whois privacy has nothing to do with whether there is or is not trademark rights associated with a domain. For instance, I can keep a domain under privacy and run a commercial web site or license TM rights to another party and keep the domain under privacy. I don't know what that NAF decision is saying but I don't give much credibility to people who work for NAF so I would not try too hard to decipher it.
 
Last edited:
2
•••
but now I also think if you deny the complainant has ownership of the name I don't see how the UDRP can be applied considered in the first place.

No.

A couple of things... First off, that panelist's weird fixation with WHOIS privacy is certainly not something we argued in that case. I agree that statement is indeed nuts.

But if you are saying that "if someone is the registrant of a name, you are conceding their right to own it", then the UDRP becomes something of a silly exercise, since that's always true.

To say that someone is in possession of something is not a concession that they are the rightful owner of it. If my neighbor steals something from me and is keeping it in my house, I still would have to get a court order to have someone go in there and get it back.

A UDRP stolen name case works just fine when you can show that the domain name, or the letters constituting the domain name served as more than a domain name per se, but had functioned as a distinctive identifier of whatever the website was purveying.

The UDRP requires proof of three things:

1. Identity or confusing similarity to a mark

2. No legitimate rights or interests in the domain by respondent

3. Registration and use in bad faith

Even in an ordinary UDRP case, no one is conceding the registrant has rights to the domain name. Lack of rights is one of the points the complainant is specifically making.


So, in a stolen name case, as long as you can show something to establish point 1, then points 2 and 3 are pretty easy:

2 - There are no legitimate rights or interests because it is a stolen name.
3 - It has been registered and used in bad faith, because they stole it and won't return it.

The registrants email is the owner regardless of how it got there from a UDRP perspective.

No, and again, the entire point of the proceeding is whether the registrant's ownership is equitably legitimate, provided that there is a trade or service mark at issue.

You might want to review these as well:

<xag.com>
http://www.adrforum.com/domaindecisions/1633946.htm

<holylemon.com>
http://www.adrforum.com/domaindecisions/1008008.htm

Now, this one was a major PITA, since the language of the Proceeding was Chinese:

<apg.com>
http://www.adrforum.com/domaindecisions/1644615.htm

But in that last one, the respondent did show up and essentially claimed that he had bought it fair and square, just as you suggest. Of course, he couldn't show any evidence to the effect of from whom he had bought it. His whole point was that he bought it at an auction at Ename, which is notorious as the registrar of choice for stolen three letter domain names.

I don't see what's difficult to understand here:

I find it shocking that part 1 can be almost removed from the criteria:

No, in each of the cases noted above, part 1 was satisfied. I regularly get inquiries from people whose names have been stolen. In going over the facts with them, the first thing I look at is whether there is a credible claim that the domain name or corresponding string of letters was or was not used as an identifier apart from it being merely a website address. If that's not there, then I will typically refer that person to one of the lawyers who regularly litigates these things in the EDVA. If you look at, for example, the screenshots.com history of eht.com, you can see that it was being used as part of a banner at the top of a news site. In xag.com, it was used in client contact, marketing materials, and a client login page for the consulting services at issue there.

So, from a UDRP perspective, yes, you definitely have to make a plausible showing that the domain name functioned as a mark of some kind. Then, it's all downhill from there, since "lack of legitimate interests" and "bad faith" both directly relate to it being a stolen name.

Normally, the person who stole the name is not going to show up and contest it, since it's not as if they want to identify themselves further.

If you would like to see a stolen name case where both parties were represented by counsel who fully argued the thing out, take a look at finances.com in particular. That case involved a generic word, a claim that the domain name was stolen, and some filings by the Respondent which the Panel viewed with what can mildly be called skepticism. At the end of the day, though, point 1 of the UDRP wasn't established:


http://www.wipo.int/amc/en/domains/decisions/html/2006/d2006-0706.html

Respondent, in a sworn declaration, presents a completely different story. Respondent first spoke with Complainant in September 2005, asking if the disputed domain name was for sale. After an initial refusal, Respondent said he was prepared to offer substantial cash consideration for the domain name. Complainant replied that he would “check with family members” and revert later. “A man who said he was [Complainant’s] father” later called Respondent and said that Complainant and his family would sell the domain name for $150,000 to $170,000. When Respondent offered $120,000, this person agreed. This representative of Complainant sent Respondent a signed Domain Name Purchase Agreement, which Respondent signed and returned. Respondent then wired payment of $120,000 in accordance with the wiring instructions in the Purchase Agreement. Respondent attaches signed copies of this Purchase Agreement and a wire confirmation to the account set forth in the Purchase Agreement.

...

With the Reply Complainant submitted an affidavit of a handwriting expert, who gave his opinion that the purported signature on the Purchase Agreement was manufactured and in fact copied and pasted from the signature on the affidavit that Complainant submitted in support of the Complaint; an affidavit of an expert in international banking, who opined that the purported wire transfer confirmation was incomplete in a number of specific respects; Complainant’s sworn statement that his father died in 1982 and a copy of his father’s death certificate; Complainant’s sworn statement that neither he nor any company in which he had an interest had ever maintained a bank account at the bank or branch specified in Respondent’s purported wire transfer; and Complainant’s sworn statement that he had never had any contact (by email or by telephone) with Respondent.

.....


Complainant’s evidence in this proceeding, however, is not sufficient to demonstrate any use of <finances.com> as the source of his claimed consulting services or any public recognition of his mark or website. Other than his own conclusionary statement, Complainant presents no evidence even that he used the disputed domain name for consulting services or any other purpose, and no evidence that any person knew of his “mark” or associated it with him or his business. Such evidence, if it exists, is surely within Complainant’s control and could easily have been supplied - web page printouts, public advertising, a client’s inquiry, invoices, Google searches, or surveys, for example. As Respondent argues, at best Complainant has shown only his use of <finances.com> as a web and email address. There is no evidence of any person visiting that website or sending or receiving emails from that email address. That alone does not establish trademark rights in <finances.com> sufficient to invoke the Policy.

---------------

The individual concurrences by the Panel are illuminating as to what went on in that case as well.
 
0
•••
If I register WorldsWorstDomain.com I just own that domain - not TM rights.

Yes, but if you steal that domain name, the mere fact that you are in possession of it does not mean you legitimately have rights to it.

Now, whether or not someone can get it back from you in a UDRP would depend on whether they had been using "World's Worst Domain" in a way that arguably did or did not function as a trade or service mark.

Let's use that as an example.

Scenario A - Someone had worldsworstdomain.com, and wasn't doing anything with it, or just had a website with a picture of a kitten on it, and no "World's Worst Domain" in evidence anywhere except as the URL. You stole the domain name. It is now registered to you. Previous owner files UDRP. What result?

Scenario B - Someone had worldsworstdomain.com. In fact, Rick Schwartz had it, and he ran a blog there where each week he would run a contest where people would submit domains for sale at SEDO for $5,000 and up, and he would announce the winner. At the top of the blog, there is a banner that says "World's Worst Domain" in big letters and beneath it says "Win this week's Golden Pigeonshit Award!" You stole the domain name. It is now registered to you. Rick files a UDRP. What result?

These two scenarios are readily distinguishable in terms of whether a UDRP will succeed. In the first one, no, the complainant is not going to be able to make any plausible showing of a trade or service mark. In the second one, yes, the complainant is going to be able to do that.

But, as far as I can understand what you are saying, then nobody can win a UDRP dispute, stolen name or not, because they have to admit the registrant "owns" the domain name. Well, if that is a "legitimate right" in UDRP terms, then it's also something that always true in every UDRP dispute, whether it involves a stolen name or not.
 
0
•••
1
•••
As some may have seen on domaingang, my 19 year old personal website and email domain, ghh.com, was stolen on 4/7/17. (My registration was paid through 2021.) I'm looking for some best practices for getting it returned. I've read the interview with David Weslow on domainsherpa and have been working to get a bit of a crash course on security and domain crime.

The hacker got access to my ICANN account of record, transferred the domain to eNom, and proceeded to attempt to negotiate sales in my name using the hacked account while the domain is on 60 day ICANN lock.

I've since recovered the email account, but getting the registrars to reverse this rather obvious case of transfer fraud is something I'm still working on. It's frustrating that ICANN, in effect, pretends to consider temporary access to, say, my car keys as proof of permanent legal title to my car. That's simply false as a matter of law. So it is surprising to me that the transfer has not been reversed already, especially given that the hacker clearly has violated their terms of service, has no legal title to the domain, cannot indemnify the registrar, and cannot show up in court to defend this fraud. So, from even just an ordinary risk management perspective, I'd have thought the receiving registrar would be eager to avoid the costs and liabilities of not returning the domain.

Does anyone have suggestions on the best was to communicate to the registrars that it will be most cost effective for them to return it without protracting the issue? Or, for that matter, the best way to communication the the registrars? So far, the responses have been less, well, responsive, than I'd hoped.
I have had similar issues when Deleted.com was hacked. But I did end up recovering it and sold it later...
 
0
•••
Anyone know direct contact details at NameCheap or eNom?

I'd love to make this process go more smoothly than the indirect communications channels I currently have open.
 
0
•••
any other and easy process to recover?
 
0
•••
My two cents is when the owner of ShadesDaddy threw everything it could at retrieving its domain, including notify the FBI, sue in federal court, and broadcast the theft every outlet it could, he received the domain back. That case made it into the WSj: Cybercriminals Are Misappropriating Businesses’ Web Addresses
https://www.wsj.com/articles/now-cy...opriating-businesses-web-addresses-1426120840

Here is DomainGang's coverage:

ALERT: Multi-million dollar business domain ShadesDaddy.com has been stolen!
http://domaingang.com/domain-news/alert-multi-million-business-domain-shadesdaddy-com-stolen/

Verisign returns ShadesDaddy.com to lawful owner with executive decision
http://domaingang.com/domain-news/verisign-returns-shadesdaddy-com-lawful-owner-executive-decision/

ShadesDaddy founder offers advice on Domain Name Hijacking recovery
http://domaingang.com/domain-crime/...ers-advice-on-domain-name-hijacking-recovery/

"After plenty of corporate lobbying and pushing in all directions, including talking to FBI agents and filing a federal lawsuit, ShadesDaddy.com was magically returned to eNom, the domain registrar it was stolen from.

"Palatnik’s lawyer, Rafael Recalde of the Recalde Law Firm, PA, handled the case."
 
Last edited:
0
•••
"After plenty of corporate lobbying and pushing in all directions, including talking to FBI agents and filing a federal lawsuit, ShadesDaddy.com was magically returned to eNom, the domain registrar it was stolen from.

Thanks for the links. The domain was stolen and transferred to a registrar who refused to return the domain. It is interesting that the owner managed to get the .com TLD registrar, verisign, to yank the domain out of ename's hands.

Clearly ICANN rules need to be changed to A) make it harder to steal domains and B) harder for receiving registrars to keep them in face of clear evidence of fraud.
 
0
•••
What do think Icann should be doing ? In fact, they made it more difficult to sell domains by introducing the EPP code back in 2006. Before then, you could steal any .com/.net domains as long as:
  • the domain name was unlocked
  • the current holder would not oppose it (just think about it: if the E-mail address is no longer current or not checked on a regular basis - it's game over)
Many domain names were stolen just like that in the past. It's scary when you think of it. I am an outspoken critic of Icann but what they did here is the right thing. The problem is the implementation: sometimes, some registrars do not provide the EPP code in a timely manner (custom retention tactics usually, and sometimes out of genuine concerns about possible hijacking).
Icann actually has some advice for your situation:
https://www.icann.org/news/blog/documentation-is-key-to-recovering-hijacked-domain-names

Now it's more difficult to steal a domain name. Usually it's always one of these two methods:
  • phishing
  • hacking the registrant E-mail account
E-mail is very sensitive because your whole life can be compromised. There is usually enough data to be found to perform identity theft. What I mean is: the damage could go even further than the mere theft of a valuable domain name.

What you need to do is work closely with your current (losing) registrar. But unless the new registrar can be convinced the name should be returned to you, you will probably have to lawyer up. To present a good case, you need to document it. You cannot show up in court and demand the return of stolen property just based on your good word.
My advice is to move fast, very fast before the name can be flipped to some unsuspecting buyer. You may have to retain the services of a qualified IP attorney. The market value of this domain name justifies it. Good luck.
 
1
•••
Now it's more difficult to steal a domain name. Usually it's always one of these two methods:
  • phishing
  • hacking the registrant E-mail account
E-mail is very sensitive because your whole life can be compromised.

I think you've just pointed out what ICANN needs to do. It's too easy to hack email accounts, so one factor authentication for domains valued in the tens or hundreds of thousands of dollars is, IMO, negligent.

All ICANN registrars should be required to offer 2 factor authentication account protection and transfer lock, and they should all have optional text message notification and email notifications to alternate emails whenever an account is accessed or a domain is changed.

Those are really simple, basic security steps that *every* on-line company should offer, but especially financial companies and domain registrars.

What you need to do is work closely with your current (losing) registrar. But unless the new registrar can be convinced the name should be returned to you, you will probably have to lawyer up. To present a good case, you need to document it. You cannot show up in court and demand the return of stolen property just based on your good word.
My advice is to move fast, very fast before the name can be flipped to some unsuspecting buyer. You may have to retain the services of a qualified IP attorney. The market value of this domain name justifies it. Good luck.

Thanks for the suggestions

The domain was transferred and registered to *my name* and *my address*. There is absolutely no question that this is a fraudulent transfer, hence my call for ICANN rule changes so that domain registrars can stop condoning this kind of fraud on a regular basis.
 
0
•••
I think you've just pointed out what ICANN needs to do. It's too easy to hack email accounts, so one factor authentication for domains valued in the tens or hundreds of thousands of dollars is, IMO, negligent.

Sorry to be blunt but that's not ICANN's responsibility. .com are worth about two dimes to ICANN.

They could mandate stricter rules for registrars to employ MFA but that has other market impacts - not everyone has access to smart devices and not everyone wants to deal with it. The market exists so that some registrars do offer these services to those who want it.

It's all about balance - domainers want a liquid market when selling and a restrictive market when holding. One of the biggest complaints registrars get is when domainers need to verify their id when registering/transferring names!

The statement - "it's too easy to hack email" is usually more a case of "it's too easy to trick people through phishing".

If you're talking about tens/hundreds of thousands of dollars then the owner should be more responsible. 2FA is an option. Registrars with real lock down is an option. Using a secure email is always an option. Not clicking on any links is an option. Using a secure device is an option.

What has happened to you is awful and I hope resolves but you can't view this one incident as a blanket need to change what works for 100m+ other domains when the problem could have been prevented in the first place. Good luck.

There are many reasons to blame ICANN and its lack of mandating a modern, secure and flawless method of locking down domains - the same way you can't buy a house without a deed.

Which is not flawless and has spawned an industry called "Title Insurance" which is complicated enough in the US without adding global registration and usage to the picture.

I am genuinely interested in what is a modern, secure, and accessible method of locking down domains that could exist that also allows a degree of anonymity that many demand.

There are companies that will charge you more and do a much better job of managing domains securely - the market in general 100m+ names do not need it .There is a reason that CSC exist and have market share.
 
Last edited:
1
•••
A huge error on my part. It seems that many legal professionals will rewrite the three components of the UDRP in their own personal WIPO writeups and summaries and often item 1 is written in the form:

"The domain name registered by Respondent is identical or confusingly similar to a trademark or service mark in which you have rights; and"

The italicized piece is not on the actual UDRP criteria and materially changes the criteria (in an incorrect way). My argument before was that if you argue the domain stolen then the first part is false and thus the whole thing fails. Without the italicized portion your summary makes much more sense and I agree. Prong 1 is solely establishing if the name is "Identical or confusing similarity to a mark".

Unfortunately that misreading leads to flawed argument that you corrected above. Much appreciated.

2 - There are no legitimate rights or interests because it is a stolen name.

I still question this part because it's not for the UDRP to determine if a name is stolen or not. They aren't qualified or tasked with that. They are tasked with establishing if you have a legitimate interest in the name.

if a respondent just said I am listed as the registrant on the name and EHT.com is a valuable three letter domain name in its own right and there are many different uses of those letters:

Eicosanoyl-5-Hydroxytryptamide
Employer Health Tax
Essential Hypertension

It's not impinging on any rights because because it's just 3 letters. It has intrinsic value (just like AAA.net)
{This ignores the fact that rights were confused by pointing to what you stated was a common law mark}

Whether I changed nameservers and registrars is irrelevant. Whether I use privacy is irrelevant. Whether I claim that the guy gave me the domain because I caught him cheating on his wife is, again, irrelevant. Whether I have a contract sale is irrelevant. If I can claim legitimate rights that is all that matters. "I am registrant and it's three letters of value". I could argue that I was just doing the guy a favor by pointing to his website.

In the scenarios the usage was such that prevented that argument and in this GHH.com case I think the same may be true.

Scenario B - Someone had worldsworstdomain.com. In fact, Rick Schwartz had it, and he ran a blog there where each week he would run a contest where people would submit domains for sale at SEDO for $5,000 and up, and he would announce the winner. At the top of the blog, there is a banner that says "World's Worst Domain" in big letters and beneath it says "Win this week's Golden Pigeonsh*t Award!" You stole the domain name. It is now registered to you. Rick files a UDRP. What result?

I can prove that Rick had a domain that he was using that domain. What if it was registered to me and I put a picture of a flying rainbow cat that played beep music thus creating the "Worlds Worst Domain". Then what?

Can a UDRP panelist really take on a role of establishing whether theft occurred? They're tasking with answering whether the registrant (me) has a legitimate interest. There is no evidence of theft other than a claim by the claimant.

What if Rick sold the domain to me for $50,000 dollars under NDA and it changed registrant. I moved it to Dynadot.. then found out that Uniregistry had better legal counsel so I transferred again.. then I added privacy and put up pictures of cats. Rick files a UDRP against me saying I stole his domain and thus have no rights. Now what? I have to prove that sale happened? I have to file more paperwork for UDRP than is required to take the Oval office?

But, as far as I can understand what you are saying, then nobody can win a UDRP dispute, stolen name or not, because they have to admit the registrant "owns" the domain name. Well, if that is a "legitimate right" in UDRP terms, then it's also something that always true in every UDRP dispute, whether it involves a stolen name or not.

Not at all. What I am saying is that everyone registering a name should be presumed to have a legitimate right to that domain as registrant and owner. The UDRP exists for a complainant to subsequently argue that the name is confusingly similar, the registrant has no rights or interests, and it's used in bad faith. At that point ownership is transferred.

I appreciate your lengthy response previously. I

don't want to sway the thread too much... I just feel if you go the UDRP route AND you get a respondent who carefully crafts a decent response you may get a denial of transfer. I would think then you've got a UDRP filing saying that the respondent has legitimate rights to the name making the burden of proof of theft charge more challenging for the losing registrar (which may not be the case but feels like it could)
 
0
•••
Sorry to be blunt but that's not ICANN's responsibility. .com are worth about two dimes to ICANN.

They could mandate stricter rules for registrars to employ MFA but that has other market impacts - not everyone has access to smart devices and not everyone wants to deal with it. The market exists so that some registrars do offer these services to those who want it.

ICANN *literally* sets the standard for the security of domain registrations and transfers, so I strongly disagree with your contention that security isn't their responsibility. It is exactly their responsibility to set security standards. At the very least ICANN should require that all registrars offer multi-factor transfer authentication on an opt out basis, just like you can opt out of the transfer lock. There's simply no valid excuse, to my mind, not to make that a required option. You can still have your low security liquidity if that's what you want. But everybody else should have MFA by default.

If you're talking about tens/hundreds of thousands of dollars then the owner should be more responsible.]

Companies get away with poor security because they don't have to pay for the consequences: "Your domain got stolen? Too bad. Nothing to do with us. We owe you nothing." However, security is something that is on both the customer **and** the registrar, and it is the **registrar** who can be expected to have full time security experts and up to date information on security threats and vectors, not customers. Customers are not security experts. So best practices are something the registrars should be setting rather than blaming customers. Yet more reason why ICANN needs to set higher security standards.
 
Last edited:
0
•••
ICANN *literally* sets the standard for the security of domain registrations and transfers,
ICANN is responsible for keeping the Internet secure, stable and interoperable.
ICANN draws up contracts with each registry. It also runs an accreditation system for registrars.
They do set policy on the transfer but ultimately the registrar is responsible for getting authorization (FOA).

Hindsight is 20-20.

Ultimately the control is in the hands of the owner of the asset to work with the right registrar.
Right now the internet isn't at risk as a result of this theft.

Nothing to do with us. We owe you nothing."

I do think there should be a better mechanism to track ownership which is why I was curious what @Acroplex would propose (or whether just shared sentiment). A digital transaction ledger, for example. There's got to be a better way to recover a domain from theft because there are blatant cases (like yours appears to be) and the cost of recovery should be limited to minor pain. This is clearly not how it works today.

This tracking improvement would also have the benefit of enforcing better regulation overall (i.e. domain sellers executing proper contracts to prove the legitimacy of the transaction in secondary form).

At the very least ICANN should require that all registrars offer multi-factor transfer authentication on an opt out basis, just like you can opt out of the transfer lock. There's simply no valid excuse, to my mind, not to make that a required option. You can still have your low security liquidity if that's what you want. But everybody else should have MFA by default.

What you want is actually a change to the transfer policy that requires contact (FOA) to be in the form that meets MFA.

Logging on to the registrar panel is not the issue - the transfer process relies on the registrant contact. The weak point is thus relying on email as the source of an electronic signature (as you've stated). If you had MFA on the e-mail that provides a solution that is totally outside of ICANN/Registry/Registrar and solves the issue. Forcing you to log on to accept is another step that could be taken and there are registrars that offer strong transfer policies that demand additional communication, additional identification, etc. That's market driven solution and while I'm far from a free market capitalist, the market would seem a better way to solve the problem the least disruptive manner.

That said, I wouldn't turn away a well thought out solution that didn't alter the market accessibility. You don't want similar situation where you lost a phone or forgot part of the MFA and thus had no recourse to get your domain name renewed etc.

ICANN does provide a link everyone can use for 2FA checking:
https://twofactorauth.org/

Good luck recovering your name
 
Last edited:
0
•••
I do think there should be a better mechanism to track ownership which is why I was curious what @Acroplex would propose (or whether just shared sentiment). A digital transaction ledger, for example. There's got to be a better way to recover a domain from theft because there are blatant cases (like yours appears to be) and the cost of recovery should be limited to minor pain. This is clearly not how it works today.
Whois data escrow + thick whois, now coming to .com/.net as well.
But you may still have to subpoena the registrars and the registry.
Bottom line: make sure your primary E-mail is very safe and use 2FA when it's available.

OP: have you decided on something ?
 
2
•••
Bottom line: make sure your primary E-mail is very safe and use 2FA when it's available.
(y)
 
0
•••
Thanks for the links. The domain was stolen and transferred to a registrar who refused to return the domain. It is interesting that the owner managed to get the .com TLD registrar, verisign, to yank the domain out of ename's hands..
Kudos to Theo who publicizes domain thefts in real time on his site, DomainGang. You can find more in Domaingang's

Stolen Domain Archives
http://domaingang.com/tag/stolen-domain

You're not the only one! :)
 
1
•••
I just feel if you go the UDRP route AND you get a respondent who carefully crafts a decent response you may get a denial of transfer.

Yes, but you are missing the practical point here. The thief, in general, doesn't show up to defend.

What if Rick sold the domain to me for $50,000 dollars under NDA and it changed registrant. I moved it to Dynadot.. then found out that Uniregistry had better legal counsel so I transferred again.. then I added privacy and put up pictures of cats. Rick files a UDRP against me saying I stole his domain and thus have no rights. Now what?

You produce evidence you bought the domain name. How does this differ from producing evidence in any other UDRP defense? You would also have an action against Rick for fraud. The NDA becomes irrelevant in this context because Rick is breaching the sale agreement in the first place.

I've never seen a case where someone sold a name, and then filed a UDRP to try to get it back. That would be a monumentally dumb thing to attempt to do.

Can a UDRP panelist really take on a role of establishing whether theft occurred? They're tasking with answering whether the registrant (me) has a legitimate interest. There is no evidence of theft other than a claim by the claimant.

Yes, and?

There is typically not just the "claim" that it is stolen. If the name transfers from the one registrant to another registrant before the next expiration date, then it either happened voluntarily or not. The respondent in the UDRP can certainly produce whatever correspondence, proof of payment, etc., showing that they bought the domain name.

if a respondent just said I am listed as the registrant on the name and EHT.com is a valuable three letter domain name in its own right and there are many different uses of those letters:

...but he wasn't doing that. He was keeping it pointed at the same site because in a lot of thefts, the domain name is kept pointing to the same nameservers while it is being transferred several times among registrars in order to keep the victim from noticing, and to frustrate use of the transfer policy in order to get the domain name back (since by the time the victim notices, there are several transfers to unwind).

So, when that happens, and it is more than just a "claim", the complainant can show:

1. The domain name was not set to expire.
2. It transferred to a different registrant.
3. It then transferred through several registrars.
4. It remained pointing at the complainant's website during this process.

Then, yes, sure, the respondent can certainly show up and try to explain those circumstances. But where the domain name was arguably being used as a trademark, and you have facts 1-4 - which is more than just a bare claim - then the absence of a response from someone who has clearly been busy managing the domain name suggests that they don't want to identify themselves in the context of responding to a UDRP for the obvious reason. And if the complainant is simply making the whole thing up after having actually sold the domain name to the respondent, then that complainant is exposing themselves to a civil action for fraud and criminal charges of wire fraud. It would be a pretty stupid thing to do.
 
0
•••
0
•••
And if the complainant is simply making the whole thing up after having actually sold the domain name to the respondent, then that complainant is exposing themselves to a civil action for fraud and criminal charges of wire fraud
In China!

Yes, but you are missing the practical point here. The thief, in general, doesn't show up to defend.
True.

Basically - it's a calculated decision on whether it will work to use a process to recover a domain when that process was never really intended for that use. How much of a mark does GHH really have though?

Whois data escrow + thick whois, now coming to .com/.net as well.
But you may still have to subpoena the registrars and the registry.
Bottom line: make sure your primary E-mail is very safe and use 2FA when it's available.

Thanks.
 
0
•••
Basically - it's a calculated decision on whether it will work to use a process to recover a domain when that process was never really intended for that use.

I guess you could look at it that way.

From another perspective, it's a clearer situation where someone has stolen a domain name from a brand owner than where someone just happened to register a domain name corresponding to a trademark they never heard of, but which wound up showing parking ads for the branded products.
 
0
•••
0
•••
Another LLL:

Warning: BSH.com is a stolen domain name – do not buy
http://morganlinton.com/warning-bsh-com-is-a-stolen-domain-name-do-not-buy

Name: liuxiaosheng
Organization: liuxiaosheng
Mailing Address: Jiajiahao building,Nanshan district, Shen guangdong 518000 CN
Phone: +86.13686866262
Ext:
Fax: +86.13686866262
Fax Ext:
Email:
lookup
[email protected]
...
Registrar: 22NET, INC

Ouch. I wish them well in recovering this as quickly, easily and cheaply as possible. Just a wild guess that recovering from 22net will be a challenge.
 
0
•••
Back