Domain Theft

[Commerce]

Hard to believe after nearly 25 years, but I got hit by criminals who have stolen a number of my domains. Any insights beyond working with the registrar of record to resolve this quickly?

-Commerce

 

[Commerce]

any one domain we should look out for in particular?

Actually several. But a little update. Having contacted the registrar support, I was advised to outline in detail the situation as an email to mail to their abuse, with an expectation of 24-48 hour response time. Ironically, their servers got back to me quite a bit faster... the message bounced. Hopefully, their legal team and my account manager will pick this up. Even so, I am going to reach out to their corporate group this morning. Based on the call, it was discovered that either forged or stolen physical credentials were used to convince them that the individual(s) were me. There is a little problem with their documentation I shall not share here. As you can imagine, I'm not pleased that along with some pretty strong names, they opted to go after my corporate identity.

The list of stolen domains discovered so far is as follows:

companies.net
experience.net
firstusa.net
ihba.com
ihba.net
ihba.org
isba.com
isba.net
pressclub.com
pressclub.net
schoolers.com
schoolers.net
clanmaitland.org
commercecompany.com
commercecompany.net
commercecompany.org
commerco.org
thecommercecompany.com
thecommercecompany.net
thecommercecompany.org

 

[Mike Goodman]

Because it's where the SnapNames successful drops are homed. We don't have options. Time the authorities did take a look. They do have a duty of care for the public's property if they are allowed the role of caretaker.

 

[wwwweb]

This is the wrong move, if you want to put delay the to theft, protect people from buying your domains, or at least flag the stolen names so they can't be moved around.

You are simply helping the thieves by allowing them to unload them by not naming them.

My guess is they didn't take your yellowpage names.

 

[Commerce]

Well, figured an update was about due. Just before the end of February, connected with the security team and learned that the domains were immediately security locked on report. They have now been transferred back into my account, which also has additional security in place that should generally discourage any future attempts to steal domains from this registrar.

Thank you to all those who offered encouragement, advice and support. The biggest takeaways from all this are that you need to document everything, remain engaged in the process, keep asking about updates on the ticket(s) and don't lose hope. If you are new to domaining and do not have a history with a registrar you may well need to seek assistance from attorneys and resources who have expertise in recovery. Never be ashamed to share as a victim of online domain theft, as the community benefits from the experience.

 

[Future Sensors]

Hard to believe after nearly 25 years, but I got hit by criminals who have stolen a number of my domains. Any insights beyond working with the registrar of record to resolve this quickly?

-Commerce

You can start here, https://www.icann.org/news/blog/documentation-is-key-to-recovering-hijacked-domain-names

 

[MapleDots]

Yup @wwwweb is correct, the more people know and get involved the better the recovery odds.

I have seen some pretty heavy topics on namepros were the members were instrumental in getting the stolen domains back.

 

[MapleDots]

I hope im not oot...but i was wondering, is it worth it to pay an advanced security for a domain (the one offered in the domain registry)? Will it prevent this incident?

Getting a good registrar and two factor security stops this.

When I phone godaddy they will not talk to me until I give them my generated code from my google authenticator.
It does not matter how much personal information I give them. It is because I asked for that service, even a simple support call needs that code so nobody can scam the support agent.

We are all human and with a lot of personal information it can look to the agent like he is talking to the domain owner.

The authenticator is your friend and even more secure than two factor with a text to your phone.

 

[bmugford]

I am not surprised it was Network Solutions. It seems to be an ongoing issue recently.

Brad

 

[MapleDots]

@wwwweb and @MapleDots - I do agree, however, I think it would be best to try to let the registrar have the opportunity to make things right. After all, it will be my pleasure to be able to report things are okay within a week should that happen.

A week is forever with stolen domains, you have to keep in mind the thief can quickly resell the domain and then you have another party in the middle.

 

[Commerce]

@JagG Thank you. I'm not the owner of Perl.com. This was a case of the registrar believing a change should be made with fake credentials supplied by the criminal(s) involved. Their MO features asking about a purchasing a domain, mail bombing the reply address with signups and stealing the domains within the account block.

 

[Reallybigidea.com]

Network solutions is a joke unreliable registrar. Why do people still use it?

 

[Mike Goodman]

They must be learning something from their aggrieved customers. Late last night after reading (and responding to) this thread I decided to move the handful of domains I had with them for more than 60 days after drop and drop-auction wins. I had to contact support, who emailed the auth codes direct to my inbox using the email address they have on file for me.

It's a very cumbersome method but safe. They're bound to come up with something less labour intensive soon but until then I'll feel what I have left with them is more secure for now.

 

[CraigD]

I hope im not oot...but i was wondering, is it worth it to pay an advanced security for a domain (the one offered in the domain registry)? Will it prevent this incident?

I don't think you should have to pay extra for security in principle. It should be assumed that security is tight under the current systems.

 

[Commerce]

Working on it. Am told that certain really private information was used to convince the register of my identity. Will probably be following up with the authorities after the names are returned. Still well in the 60 day registry transfer window, so that is the good news.

 

[LUP]

Regarding the name of the registrar, I'd prefer not to say at this time. It is one of the big guys, so I have some hope that this can be turned around. What I may do is explain some of what that took to do and how this came to pass after it is resolved.

Take a look https://www.icann.org/compliance/complaint

https://icannportal.force.com/compliance/s/transfer

 

[Satoshi's Domains]

Agreed, Network Solutions is the worst customer service experience I've ever had. Huge delays, bogus charges that take forever to get refunded, can't figure out where domains are held at times...the list goes on. They are basically what would happen if GoDaddy merged with the DMV.

 

[fleaking]

I have a similar situation with Network Solutions recently...
they stole my domain and sold it to someone else(might be due to their system's glitch),
and I have reported the issue to them for more than 10 days but still got no official response yet...
their VIP support always replied me that their Fraud / Legal team is investigating the issue now...
I feel very upset and depressed about the problem and I am thinking to take a legal action against Network Solutions, any lawyer here can help with? I just want to get my domain back...

ref: https://www.namepros.com/threads/my...o-namecheap-without-my-authorization.1224520/

 

[Samer]

Probably, your best course of action;

https://twitter.com/x/status/1354782669935153152

i like @jberryhill, consider him the best.

Good luck, mate!!

 

[Commerce]

Take a look https://www.icann.org/compliance/complaint

https://icannportal.force.com/compliance/s/transfer

Yes, thank you for that. Have been in touch with ICANN to establish the process needed, which will begin on Monday.

 

[MadAboutDomains]

I remember when web.com/netsol gave away France.com to another owner and didn't even have the courtesy to tell the owner who was running a business on there.

I wouldn't touch them with a barge pole.

That is by the by however, I hope that you are able to recover your names.

 

[Commerce]

Regarding the name of the registrar, I'd prefer not to say at this time. It is one of the big guys, so I have some hope that this can be turned around. What I may do is explain some of what that took to do and how this came to pass after it is resolved.

 

[JagG]

I saw this today on Twitter

https://twitter.com/x/status/1354535622069919748

Related?

Hope all works out for you Commerce.

Also more info https://www.namepros.com/threads/theft-of-perl-com-a-1994-domain.1226135/

 

[tldboss]

Wow.
So if it turns around, no harm?

Come on man, it’s probably Network Solutions.
(worst registrar)
In any case, Good luck!

Yea, Network Solutions

==

Decent names, I think you will get them back, as long as they remain at the same registrar, keep pushing.
Good luck

 

[Samer]

Actually several. But a little update. Having contacted the registrar support, I was advised to outline in detail the situation as an email to mail to their abuse, with an expectation of 24-48 hour response time. Ironically, their servers got back to me quite a bit faster... the message bounced. Hopefully, their legal team and my account manager will pick this up. Even so, I am going to reach out to their corporate group this morning. Based on the call, it was discovered that either forged or stolen physical credentials were used to convince them that the individual(s) were me. There is a little problem with their documentation I shall not share here. As you can imagine, I'm not pleased that along with some pretty strong names, they opted to go after my corporate identity.

The list of stolen domains discovered so far is as follows:

companies.net
experience.net
firstusa.net
ihba.com
ihba.net
ihba.org
isba.com
isba.net
pressclub.com
pressclub.net
schoolers.com
schoolers.net
clanmaitland.org
commercecompany.com
commercecompany.net
commercecompany.org
commerco.org
thecommercecompany.com
thecommercecompany.net
thecommercecompany.org

@Acroplex
(i love your reporting on ‘stolen’ names)
Hope you comment this one!