Note to mods: I've posted here because this isn't a scam warning (yet!), but a query. If that's incorrect then please move to appropriate forum.
I've recently picked up a short, two-letter .tl domain name that matches the name of a script I'm writing.
The (alleged) previous owner has tracked me down via Facebook of all places. It's not that hard to find me with my surname, so I'm not having privacy concerns, but I'm wondering if there's some sort of scam that I'm not yet privy to?
The message:
(arrebataste = took away? I assume he means dropped here.)
A quick WHOIS of the domains the sender has in his profile shows them registered to an address in Madrid, but his current location on Facebook shows 'London' (as my WHOIS address on the domain) which might be nothing, but has trigged some warning sirens.
I can't find evidence of any of his domains mentioned here, or at the other forum.
The domain was registered around 14th as a fresh registration with one of the CoCCA subsidiaries- there was no evidence that it had been registered before, but none contrary to that either. Seems strange that he let it drop on the 12th and then wants it back on the 18th.
Options-
1- Genuine Enquiry, user made a mistake and dropped his domain
2- Genuine Enquiry, user dropped name, but has had an offer to buy for a higher figure (hence starting at a tempting $1000)
3- Scam, user is going to ask me to pay for an appraisal or on sale try a chargeback
4- Scam, user is trying to get me to reply, opening up more of my Facebook profile details which he will then use to try and social engineer access to online accounts.
I've put enough time in to writing this script that I am going to ask for more than $1000 anyway- if I'm wading through lines of code changing references to the domain/script name then I'm getting remunerated!
I've been doing this long enough to treat any contact with an unfamiliar person warily. But I can't help thinking there's something a little off with this one. (.tl domain, Facebook contact). Am I missing something?
I've recently picked up a short, two-letter .tl domain name that matches the name of a script I'm writing.
The (alleged) previous owner has tracked me down via Facebook of all places. It's not that hard to find me with my surname, so I'm not having privacy concerns, but I'm wondering if there's some sort of scam that I'm not yet privy to?
The message:
(arrebataste = took away? I assume he means dropped here.)
A quick WHOIS of the domains the sender has in his profile shows them registered to an address in Madrid, but his current location on Facebook shows 'London' (as my WHOIS address on the domain) which might be nothing, but has trigged some warning sirens.
I can't find evidence of any of his domains mentioned here, or at the other forum.
The domain was registered around 14th as a fresh registration with one of the CoCCA subsidiaries- there was no evidence that it had been registered before, but none contrary to that either. Seems strange that he let it drop on the 12th and then wants it back on the 18th.
Options-
1- Genuine Enquiry, user made a mistake and dropped his domain
2- Genuine Enquiry, user dropped name, but has had an offer to buy for a higher figure (hence starting at a tempting $1000)
3- Scam, user is going to ask me to pay for an appraisal or on sale try a chargeback
4- Scam, user is trying to get me to reply, opening up more of my Facebook profile details which he will then use to try and social engineer access to online accounts.
I've put enough time in to writing this script that I am going to ask for more than $1000 anyway- if I'm wading through lines of code changing references to the domain/script name then I'm getting remunerated!
I've been doing this long enough to treat any contact with an unfamiliar person warily. But I can't help thinking there's something a little off with this one. (.tl domain, Facebook contact). Am I missing something?
