NameSilo

Did Network Solutions conspire to allow this domain name to be stolen?

Labeled as information in Warnings and Alerts started by Addison, Mar 9, 2018.

Replies:
31
Views:
2,152

  1. Addison

    Addison Established Member

    Posts:
    730
    Likes Received:
    1,561
    Full article...

    :bookworm:

    @namekart, any superfluous details to add?

    :cigar:
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    I can see your frustration with Netsol, and it was explained as a batch transfer mistake by John. The nice responses as comments at the blog link above from @jberryhill @Slanted and Epiks owner to assist you appear to be very immediate, genuine, helpful, constructive and you might want to remove their companies names on your blog. Just a friendly suggestion.
     
  3. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    Poor guy. As per the story he posted, have was a victim 3 times. First, he bought his domain from somebody looking like one of known pendingdelete domains spammers who promoted the domain name as their own, even though nobody owned it at the time of spamming. I am unsure whether the spammer and the forum member @namekart are the same persons or not. The spammer then pre-ordered the domain somewhere and even messed up the things not making sure whether it was catched with enom or netsol (unless this happened exactly during a one-time transition of enom-powered dropcatched domains under ~"enom12345 llc" registrars from enomcentral to netsol). Deep whois history checks with timestamps may give better picture. Then, he renewed the domain at least once with Netsol, which by itself means he was robbed ($35?). Finally, he lost netsol-regged domain - not the first customer with this issue, and not the last, as many of similar threads in this forum are showing. I am wondering what special did could anybody else find in this particular domain, which - on a spot view - may be of interest only to the legitimate registrant who bothered to write an article and post it in various places... Not a 3L com, not even a single word regged in 198x years....
     
    Last edited: Mar 10, 2018
  4. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    How did you discover that so quickly? Or is the subject broker already a well known front runner? Thanks for posting that detail.
     
  5. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    I read full article. There is a text inside: "I am a broker, my name is Charlotte (Indian name, really?), blah blah". Sounds very familiar, I receive tons of these each day. All for pendingdeletes or godaddy expired auctions. For the sake of fairness I also noted that I did not check historical whois records, somebody with domaintools account may post all the relevant history, so it may be that the domain was indeed owned by a spammer (they rarely do, the only one I "catched" so far is a guy from Lithuania - he, indeed, spams what he owns/handregs)/
     
    Last edited: Mar 10, 2018
  6. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    I never have received any spam from the subject person or company with that name. I do receive 100 whois spam messages a day some are offering names “coming available” but I rarely review. They actually are tipping me off to find a few expiring I could get myself anyway if I wanted.
     
  7. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    The guy from Lithuania, Simonas, is noticeably less active now, but I still receive offers to purchase his fresh handregs from time to time. Anything else is all for pending delete and godaddy prereleases, and I also handregged a few domains as the result of such mailings :)
     
  8. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    Are you tracking and categorizing your spam?? Just a curiosity. For me spam is always spam whether it is from "Adam Smith" or a random first/last name combinations or best-domains-info dot info, or anything else they register each day... and they still call it legitimate outbound marketing.
     
    Last edited: Mar 10, 2018
  9. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    The story ended good for the author

    "We have done some further investigation into what happened here, and you will soon be getting the domain name back. In point of fact, the registrant of the domain name at Epik is the person who sold you the domain name.
    On the basis of the facts available thus far, the issue appears to have arisen from approval of the batch transfer initiated by your seller, which somehow managed to over-ride your transfer lock at Network Solutions."
    (end of quote from John Berryhill).

    So, one should always transfer domains away from NetSol as soon as any locks, like 60 days, are expired. Hope that the author of the original (external) article now knows this, and so are a lot of his readers...

    It should also be better for any legitimate domainer, who got their domain for sale @ Net Sol, to wait 60 days and transfer it away, without listing it for sale if it is still at netsol. Imho. With all recent cases of domains stolen with this provider, all reputable escrow providers and marketplaces should soon start marking such transactions as suspicious by default. I heard similar already happens with domains that are with China-based eName, which used to be a home for stolen domains by some reason for a long time.
     
    Last edited: Mar 10, 2018
  10. BaileyUK

    BaileyUK Established Member

    Posts:
    608
    Likes Received:
    773
    Glad this seems to have worked out well
    I would just like to thank the posters in this thread for clearing-up and clarifying, that the practice of attempting to sell domain on pending delete is probably far more widespread than I had thought. I seem to be a daily target for these type of sales attempts.
     
  11. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    Some are making living on it.... And they made a legitimate outbound marketing irrelevant. Legitimate - it is where the sellers do own what they are trying to sell, where real senders names are used (and not random John Smith in one email and Steven Smith a few min later with a very close text but to another privacy-protected email), where the texts are comopsed individually with a prior finding of responsible contact names on another end, etc...
     
    Last edited: Mar 10, 2018
  12. BaileyUK

    BaileyUK Established Member

    Posts:
    608
    Likes Received:
    773
    I do understand tonyk2000, It had crossed my mind that there was a viable business model in attempting to sell (non-owned/pending delete) domains and as mentioned I received enough proposed offers in this format to just to take a few moments to check the status of half-a-dozen or so myself. I could imagine it would actually be a growing base for those that are willing to put the work in for probably a very low response rate but nevertheless $$ to be had.

    this thread just happened to coincide with the thread about 'responding to email offers'. and of course the dictated registration service to accept the transfer in just seems to tally things-up
     
  13. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    I was about to close the tab with the original story and noticed that an author incuded a date into the screenshot of initial communication he received. The date was 06/12/2017. So my original guess that this particular communication from "Charlotte" (if it is her real name) was about a pendingdelete domain was incorrect, as the domain has "Creation Date: 2016-04-06" as per whois.

    Sorry about this error, was typing too fast. It however serves as a perfect illustation of what was discussed in later thread posts - any outbound marketing for an existing not-pendingdelete domain (whether it has spam characteristics or not is irrelevant in this aspect) now has little or no relevance, as the registrants of "similar" (or, in fact, any) domains are receiving tons of offers to purchase domains that the "sellers"/"brokers" do not yet own, and may never acquire...
     
    Last edited: Mar 10, 2018
  14. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    I consider just about 95% of what I receive unsolicited as spam. Most I will block the email address, but some go as far to enter my own email address as the return address yet are trying to sell a legit advertising product. I get offers on names a few a week, almost all from domain investors or people pretending not to be them. The SEO and rank offers are constant and annoying.
     
  15. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    There is one standout spammer. This guy has literally sent me 500 emails from variations of origin email.

    "D.e.j.a.n. .... G"

    Thanks. Yea, I edited fast, thanks forgot about that in the haste to post.
    I dunno if I want to repost them. Not sure if anyone else would care really or not.
     
    Last edited: Mar 10, 2018
  16. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    Yes, very familiar. Especially "If you do not wish to be contacted again" part. Received a few earlier today. @offthehandle maybe you can edit links code from http to something else not to give his sites more exposure and se ratings/backlinks. Here they are mentioned in negative aspect, but still... backlinks
     
    Last edited: Mar 10, 2018
  17. Brandworthy

    Brandworthy Established Member

    Posts:
    601
    Likes Received:
    1,165
    Medium post has been deleted, but still available for now from Google's cache. Sadly the cache doesn't include the comments.

    NetSol really are a mess. What are management doing over there?

    As to domain front runners - I receive so much spam offering me similar names every day it's unbelievable. I use an auto responder to always say I'm interested in the hope that they'll order enough useless names that it puts them out of business. They are a major blight on the domain industry IMO.
     
  18. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    1,815
    Likes Received:
    2,039
    Yeah, that was pretty much my morning today.

    It's still kind of weird that the seller was able to accidentally transfer the sold name when he did a batch transfer to Epik.

    But, be that as it may, Uniregistry immediately noticed that it was an old listing, got ahold of the Uniregistry account holder, and found out that the problem was Netsol releasing the name when the seller did a batch transfer to Epik. It's an account with a substantial number of names, and it seems as if Netsol's system allows batch transfers to somehow over-ride the registrant transfer lock.

    Here's the funny part. When we got the basic gist of what was going on, I sent a note to Rob Monster at Epik to give him a heads up so he could have his folks look into it. In my email, I quoted the nasty comments about Uniregistry and Epik, and I said "take a look at my comment on the blog".

    The way I put it, Rob reasonably thought those were my comments and fired back a salvo at me. So, I figured maybe I should pick up the phone. Ooops.

    In any event, he'll be sorted out promptly.

    I had been planning on doing other things this morning, though.
     
  19. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    1,815
    Likes Received:
    2,039
    Glad to hear he pulled the post, though.
     
  20. tonyk2000

    tonyk2000 Active Member VIP ★★★★★★★★★★

    Posts:
    830
    Likes Received:
    1,011
    fascinating :) I was always wondering what might be the reason of bidding wars between 2 or max. 3
    bidders with unfamiliar bidding aliases and for domains that I would never (hand)register even completely drunk and with a 99% discount coupon :)
     
    Last edited: Mar 10, 2018
  21. offthehandle

    offthehandle . Gold Account VIP

    Posts:
    2,851
    Likes Received:
    5,384
    I was really impressed with the quick investigation, immediacy, diplomatic and responsiveness of your comments and those of Joseph and Rob. Glad OP got the name returned and the post it was deleted. One of the quickest resolutions I have seen since I got into this. Nice job.
     
  22. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    1,815
    Likes Received:
    2,039
     
  23. Brandworthy

    Brandworthy Established Member

    Posts:
    601
    Likes Received:
    1,165
    It sounds significantly worse than that - it appears this bug allowed the previous registrant to transfer a name that was in a different user account AND override the transfer lock on that name. Combined that's a pretty serious security issue for NetSol I imagine.
     
  24. carob

    carob Active Member VIP

    Posts:
    2,820
    Likes Received:
    3,228
    Time for a contest to find a new name for Netsol - NetlossSolutions, NetworkDelusions, NetworkCollusions....
     
  25. Addison

    Addison Established Member

    Posts:
    730
    Likes Received:
    1,561

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!

Share This Page

Lysted
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...