advice Domain name theft

[BrandEntrance.com]

I just discovered that one of my domain names has been stolen (for want of a better word) and I just need to know what to do in this event.

The name was moved from one registrar to another without my permission and is under someone else's name.

The website is under my control and I have left some info there for the IIS (Swedish ICANN Country Reps) to see.

Any advice would be appreciated. I have a site under development there as I stated. This word is a hype word and was recently added to the Official Swedish Dictionary. I don't want to say the name of the site.

I know there are domain registrars here and I would really like to know how they deal with this.

 

[branding]

I checked it out but can't find anything strange. It's probably your new host/registrar screwing up. Might be wise to request the auth code and move it asap. Don't know if the domain shows in your panel but I'm sure they could mail it to the domain owner.

The name was regged in 2016 and shows a last update of little over a year ago which may have been a transfer so if something happened to the name itself it wasn't a very recent occurrence. Did loopia change owners? they're quite an established registrar as far as I know.

Wayback doesnt give me much besides a lander though.

 

[BrandEntrance.com]

I checked it out but can't find anything strange. It's probably your new host/registrar screwing up. Might be wise to request the auth code and move it asap. Don't know if the domain shows in your panel but I'm sure they could mail it to the domain owner.

The name was regged in 2016 and shows a last update of little over a year ago which may have been a transfer so if something happened to the name itself it wasn't a very recent occurrence. Did loopia change owners? they're quite an established registrar as far as I know.

Wayback doesnt give me much besides a lander though.

None of the above data fits reality. That data presented has been changed.

I have had the domain for 1 year. I registered it first. It was never regd in 2016. IIS say it was registered in 2017. I regd it in 2018.

 

[branding]

I blacked out the name but it clearly shows 2016... who did you reg it with?

 

[Gube]

Does your current registrar have any explanation?
Any log for this ? (since they removed it from your control panel..)

 

[branding]

The update is that they have removed the domain from my control now and my site is gone. A police complaint is filed for a domain name of substantial value that has been stolen by thieves who have hacked the IIS Internet foundation in charge of .se domain names.

It is most likely insiders who have access at these places. It is a CyberCrime and Sweden's Police Authority have a division for that. They might actually do something about it.

I have been lawyering up is all I am able to say now.

ok. well if you have proof there's nothing to worry about. all I can say is archive.org doesnt show any data besides a lander from 2018.

 

[branding]

That is redirecting to FSData... it's looking for home becuase it can't find an index.php file there for a site, because I hadn't built it yet, and therefore redirects to the registrars main page. That is how that is set up with them. Proof that I had it registered there. They only removed the domainname yesterday and with that... access to the site. They have log files. I have screen dumps witnesses, support errands with them and others regarding the site, database software incompatibility and upgrades etc. and an installation from a 3rd party company. Plus my payments, registration emails etc.

About 50 emails on the subject of this site beck and forth with their support.

ok, well as there's publicly no data to support this and there are no trails to be found I'm not sure what you can do. Archive.org only indexed one page which is late 2018. If the website was developed I find it hard to believe there's only one indexed page.

Anyway, as you seem to be certain of your case and it hasn't been regged before 2018 all I can suggest to you is to get in touch with the ombudsman and maybe a lawyer.

Like I said, I have been dealing with IIS as a registry for like 2 decades and never had any issues. If what you're claiming is true it would be a big deal as they have a proven track record of reliability.

also, you sent me some screenshots where you were the domain was using a SSL cert. in order for that to work there must have been some domains verification against an ip address. see if you can find that in your browser and save it for future reference. it may act as proof.

 

[BrandEntrance.com]

there simply has to be more to the story. Your screens seem legit but I find it hard to believe IIS got hacked to this degree for this particular domain.

Never underestimate thieves ... or the stupidity of thieves.

 

[xynames]

My best guess is the registrar messed up. allowed you to register the domain while it has already been in possession of another client.

there simply has to be more to the story.

So is this another @ my domain was stolen @ thread at NP where nothing was stolen and in fact there is an alternate explanation? In this case here is the explanation that the OP never had clear title to it in the first place? he was never the bona fide owner?

 

[BrandEntrance.com]

So is this another @ my domain was stolen@ thread at NP where nothing was stolen and in fact there is an alternate explanation? In this case here is the explanation that the OP never had clear title to it in the first place? he was never the bona fide owner?

Because nothing ever got stolen before right?

 

[IPBFlippers]

If 2016 is showing as the date for registration and you bought the domain in 2018, then it might be an expired domain.

I bought one of my domain names in 2015 and it shows 2011 as the registration date on the whois record and way back machine.

This seems like an interesting case to follow up with since the name in question is a dictionary name.

 

[branding]

So is this another @ my domain was stolen @ thread at NP where nothing was stolen and in fact there is an alternate explanation? In this case here is the explanation that the OP never had clear title to it in the first place? he was never the bona fide owner?

Yeah that's probably the case. I definitely feel for him but if you weigh all options the most likely one is the registrar screwing up on their database allowing him to reg it and make changes to DNS while it was already regged by anotyer client of theirs. They probably merged clients after the ownership change which may have caused the issue.

If we'd look at this from a 'hackers' perspective, it would be way less trouble to hack a registrar compared to hacking the registry. I doubt going through the trouble of hacking IIS would be worth it for this particular domain.

@jamesall did you reach out to loopia to verify if they indeed have the name registered there since 2016?

 

[BrandEntrance.com]

Who has been paying the renewal fees each year since 2016?

You guys don't comprehend well.

The name can't have been registered at 2 DIFFERENT registrars and 2 DIFFERENT owners at the same time. (Src ICANN who I have a dialogue with).

Nobody paid any fees except me. The data from IIS looks compromised. Yes they will have to produce proof of renewals. I was going to do my first renewal. The name became a dictionary term AFTER my registratrion.

Put all the above in the hands of some unscrupulous thieves with access to the database at IIS, Loopia and so on with company ownership changing. Do you think there are no elaborate robberies in this country? Something stinks. I give you all my info and you say that I am wrong too. Remember, they are denying all support issues etc which may also have been deleted from their system. I have all the messages (legal documents in this country) saved and even 3rd party software company did an installation on the site.

This is like if someone had their car stolen and you saying... "It probably wasn't his car anyway. Case closed!".

Now I'm done on this subject.

 

[BrandEntrance.com]

Sounds good, until he says

Which means, what? That he hadn’t paid any renewal fees yet (this was his “first renewal”) but was “going to?”

So, again,

Yes I will try to type this slowly because I know you don't read so fast.

I was expecting a renewal email from the registrar and did not get one. Ok so far?

Then I contacted them to request a bill for the renewal. Keeping up?

Then it unrolled that the domain NEVER was mine, Had never been registered by me. Had never been at this registrar. How's it going? Need a short break?... ... ... ...

Then after 1 year of being the registered OWNER and HAVING AN ACTIVE SITE, the shit hit the fan.

Homework before replying: What is theft? What is changing data (on the inside or through hacking). Did a domain ever get stolen before? Can a domain be registered by 2 different registries and 2 different people at the same time?

If I send repo men to your house to reposess your car, you protest that it is, you paid for it registered it and have been using it all this time... and then the neighbor says to you "It wasn't you car anyway?" ... isn't he a bit like you?

 

[BrandEntrance.com]

Who has been paying the renewal fees each year since 2016?

N O B O D Y ! ! !. That data has been changed at IIS !!! It was never registered then.

Do any of you know what a database is and how to use one?

 

[BrandEntrance.com]

Also I was called a thief by the registrar for stealing someone elses traffic.

They sold me the effin domain!!! If I am a thief then you are all theives as well with stolen domains. Every one of you. What do you mean you paid? That makes you a thief too according to the logic of some people replying here. Is this logical to state something like this? No. Now wise up.

Please understand that I came here to get advice not to be treated like a thief again.

Refresher course in simple economics:
https://en.wikipedia.org/wiki/Financial_transaction

 

[Brian L.]

I just discovered that one of my domain names has been stolen (for want of a better word) and I just need to know what to do in this event.

The name was moved from one registrar to another without my permission and is under someone else's name.

The website is under my control and I have left some info there for the IIS (Swedish ICANN Country Reps) to see.

Any advice would be appreciated. I have a site under development there as I stated. This word is a hype word and was recently added to the Official Swedish Dictionary. I don't want to say the name of the site.

I know there are domain registrars here and I would really like to know how they deal with this.

Did you ever figure out what happened?

 

[branding]

Update:

I got the domain name back again!

And... yes I paid all fees for the domain when I had it originally etc. What the heck do you guys expect? Anyway I got it back and the matter is closed.

It is my domain!!!

Glad it worked out. Hope you don't mind me asking... What happened that caused this mess?

Whois shows it was dropped and re-registered...

 

[Sheogorath]

Update:

I got the domain name back again!

And... yes I paid all fees for the domain when I had it originally etc. What the heck do you guys expect? Anyway I got it back and the matter is closed.

It is my domain!!!

Congratulations
It is a sad truth that domains are not 100% safe and there is the possibility that they can be stolen.
Hopefully, such a thing will not occur again.

Note: It is always great to have two factor authentication enabled as a second layer of security.
This can dramatically lower the chances of someone hacking to registrant's account.

 

[lock]

I seen this before..... Move your domains to a company that will stick around eg godaddy. This sounds like a total stitch up had domains transferred to another yup been there lost that.