Domains recently Stolen - Do NOT buy

[bigroxtar]

Hey all,

Someone was recently trying to sell my domains here after breaking into my account both here and at godaddy. These domains were stolen, so do not buy them from anyone. They are not for sale.

Please PM me if you have already attempted purchase of any of these. Godaddy, the FBI, FTC, WIPO, NWC, IC3, and ICANN have all been alerted and are looking to help resolve this. This list is as follows.

Here is the list:

ckz.org , cyj.net, eql.us, eyw.net, nkz.us, qjz.org, qlz.org , xyb.net, zsn.org , zuh.us

Also, if you have any info about the person who did this, please PM me.

Thanks,
bigroxtar

 

[alanchau]

Yes, that's me. The e-mail he told me to send the funds to was [email protected]

 

[IAmAllanShore]

<subscribe>

Sorry to hear about this - good "morality play" about being someone's nigerian scammer (Just send me 80%), unfortunately.

Best of luck to all involved - we're helping on this end in any way possible.

-Allan

 

[Cronus]

I was interested in buying some of the domains, so I emailed the whois contact, which at the time was "Matt Simpkins (mattsimpkins at fastmail.fm)". The owner of that email address replied asking me to send PayPal funds to that same email address. Fortunately I saw the post saying the domains were stolen and I didn't pay. The email address in whois has now changed to pastormatt at flctn.org. Note that Matt Simpkins may be the name of the victim too (identity theft).

 

[Toker]

Get ahold of PayPal, he commited Theft By Deception and Fraud & used P.P.
as the go between which made them a party to it..
As long as he has a PP account they have all his info no matter what
email he's using.

 

[networkmsia]

I am sorry to hear about that bigroxtar.

go change your password in your emails and username here.

Hope everything gets solved soon.

God Bless

 

[cache]

very scary story, hope this will not happen to anyone else here.

 

[NameCharger]

bigroxtar-

Off the top of my head:

Were you using the same password for both sites?

Were you ever hotspotting when logging into either site?

Are you behind a NAT'd router or directly connected to internet?

Wifi router without WPA encryption restriced to your MAC addy?

Do you frequent gambling or pr0n sites with Java enabled or browse with Java enabled? (good practice to uninstall any previous versions of Java and go to sun.java.com and install latest)

Antivirus current? (update at least 2X/week), OS criticals updated at least 1X/week (presuming you use Windows), Windows Defender & AdAware updated and run within past week?

Strong password: http://strongpasswordgenerator.com/ Good practice is to memorize a strong one and use derivatives of it for each site. Your email, Paypal, and eBay accounts should all be different passwords from any other site you use such as this one.

That's all I can think of for now. I hope the swine who did it gets served.

 

[bigroxtar]

Thanks all.

I will forward this link to godaddy who seems to be trying to get them back. Although I haven't heard from them directly, I did recieve 4 .orgs back into my account.

All of you who were involved with the Paypal part need to file disputes with them right away. This guy/girl is all over the web trying to do this. If you do a google search on cyj.net you'll see all the boards he used to try to sell them. He also sold a couple through sedo. And is selling hundreds of other names too. Some may be yours.

The lesson here is maintain high security on your comp. Nice firewall, spy software and change your passwords often. Use lots of different email addresses and passwords and keep that info on paper rather than anywhere else. Its funny how my grandfather was right that his pen and paper are safer, better than my computer...

Thanks again for all the assistance. And again, I am sorry for all of you that have gotten duped by this jerk. I hope to resolve it all quickly. if you have any info about this case, please forward all of it to undo at godaddy dot com and PM me what you send as well please. Be sure to include the domain names and feel free to reference me.

Thanks,
Matt

bigroxtar-

Off the top of my head:

Were you using the same password for both sites?

Were you ever hotspotting when logging into either site?

Are you behind a NAT'd router or directly connected to internet?

Wifi router without WPA encryption restriced to your MAC addy?

Do you frequent gambling or pr0n sites with Java enabled or browse with Java enabled? (good practice to uninstall any previous versions of Java and go to sun.java.com and install latest)

Antivirus current? (update at least 2X/week), OS criticals updated at least 1X/week (presuming you use Windows), Windows Defender & AdAware updated and run within past week?

Strong password: http://strongpasswordgenerator.com/ Good practice is to memorize a strong one and use derivatives of it for each site. Your email, Paypal, and eBay accounts should all be different passwords from any other site you use such as this one.

That's all I can think of for now. I hope the swine who did it gets served.

Thanks, great questions.

Not a pr0n or gambling fan, but I could certainly beef up security, as I am sure we all can. Good stuff, I hope your questions keep others from getting screwed.

big

 

[buckshotdots]

password

Great advice, especially the password advice. Rep added

gary-

bigroxtar-

Off the top of my head:

Were you using the same password for both sites?

Were you ever hotspotting when logging into either site?

Are you behind a NAT'd router or directly connected to internet?

Wifi router without WPA encryption restriced to your MAC addy?

Do you frequent gambling or pr0n sites with Java enabled or browse with Java enabled? (good practice to uninstall any previous versions of Java and go to sun.java.com and install latest)

Antivirus current? (update at least 2X/week), OS criticals updated at least 1X/week (presuming you use Windows), Windows Defender & AdAware updated and run within past week?

Strong password: http://strongpasswordgenerator.com/ Good practice is to memorize a strong one and use derivatives of it for each site. Your email, Paypal, and eBay accounts should all be different passwords from any other site you use such as this one.

That's all I can think of for now. I hope the swine who did it gets served.

 

[Ninformer.com]

I did like to add some more points to this.I have seen that its a habit that when people sell their websites to someone they just send in the website files as it is.They dont even bother to change the passwd details of Mysql connections(which of most 70% will be the same password used for email,godaddy etc) The buyer can easily try his luck using that password to access your belongings.These are some of the silly things we can avoid.

 

[networkmsia]

I did like to add some more points to this.I have seen that its a habit that when people sell their websites to someone they just send in the website files as it is.They dont even bother to change the passwd details of Mysql connections(which of most 70% will be the same password used for email,godaddy etc) The buyer can easily try his luck using that password to access your belongings.These are some of the silly things we can avoid.

Thanks for the tip. very good advice there.

 

[NameCharger]

The lesson here is maintain high security on your comp. Nice firewall

Good firewall software is essential, but if you don't have a hardware one in place, definitely get a router to filter out unwanted traffic.

I use a cable modem and was finding that after bootup and doing absolutely nothing, within 15 minutes I would receive 6MB incoming traffic!! I checked my firewall logs and the majority of it were DCOM port requests which look for Windows exploits.

I put a router in place and now after booting up, after my pc authenticates with ISP, no unwanted traffic. The router blocks it all.

I picked up a like new $80 Linksys router from a seller on ebay for $34! Linksys uses Cisco internals and I've found them to be solid, reliable pieces.

Good practice is to immediately change your default router password to something much stronger than "admin" or "default". Hackers know good and well what the default passwords are:

Default logins and passwords for routers

Most newer routers don't broadcast the manufacturer & model, but all a hacker has to do is park in an area, find all the wifi networks available, run a script that runs through the default password list and if you haven't changed the password, you become a hotspot. If you have an unpatched machine, he/she may be able to plant a trojan and compromise it.

Conversely, this is why you shouldn't hotspot: someone can intentionally setup a wifi router on a separate subnet to lure hotspotters in and setup a sniffer on the router.... snagging everything you type!

Good practice for storing passwords: Keep a spreadsheet with your site URLs only, print a hard copy, then handwrite the account numbers/logins/passwords and store it in a secure location.

I've been going through the process of helping my father in law instill basic security measures after his ebay/paypal accounts were both compromised and the scum who did it tried to list 150+ cars totaling over $50,000 in listing fees! Thank God ebay's system realized the account was compromised and reversed all the charges.

 

[Dave_Z]

Good practice is to memorize a strong one and use derivatives of it for each site. Your email, Paypal, and eBay accounts should all be different passwords from any other site you use such as this one.

Yup. It's even good practice for all your brain cells, and I mean that.

Good luck to all of you experiencing this issue discussed here. Stay safe.

 

[Dan]

I will forward this link to godaddy who seems to be trying to get them back. Although I haven't heard from them directly, I did recieve 4 .orgs back into my account.

So you're going to be taking my domains back? If I file a dispute, I'll be taking the money from asianinvasion who only has 20% of it. This will be crap for him (if I could even win the dispute.)

 

[IAmAllanShore]

So you're going to be taking my domains back? If I file a dispute, I'll be taking the money from asianinvasion who only has 20% of it. This will be crap for him (if I could even win the dispute.)

There's really no other option...

Everybody has to do the best to get back what was theirs to begin with. Not to sound trite, because I've been burned before (And used my siggy as revenge ), but caveat emptor - and if something looks like a great deal, tread carefully.

Short of calling the whois contacts of every domain before you buy (And even this not being foolproof), I'm not entirely sure what to advise.

What I will say is that asianinvasion needs to take point on getting his money back directly from the fraudster (And an update from him would be great), as he was, unfortunately, the "patsy" who played the perfect middle-man.

Bigroxtar needs his domains back.
At least 3 people need their money back here alone - not discounting what this guy has been up to elsewhere, but at least the "bleeding stopped" here soon enough to avoid more of our members falling prey.

"Ups" to zesty for watching out.

asianinvasion could solve part of the problem by refunding the money to Dan, thereby avoiding chargeback situations towards his account (asianinvasion's).

Tell me where I'm wrong

-Allan :gl:

 

[zestydomains*com]

Hello All,

A Thank you to all who've offered help and support.

I feel for those who bought from this theif. Please do what you need to do to get your money back with Paypal.

Matt's making some good headway in getting his domains back. The police at various levels are involved and several have already been returned.

This is a tough lesson in the world of domaining for a lot of innocent folks. As is true in many things, it really pays to know who were doing business with and to always do the proper due dilligence when buying. On the other side, it also pays to go the distance to secure what is valuable. Sorry for a tough situation Dan. Sorry to others who got caught up in this (AsianInvasion). Hopefully this will all be concluded soon and this can be put behind us.

Thank you,
zesty

 

[alanchau]

Look at it this way - if your jewellery were stolen, and the thief then sold it off to a jeweler, you would expect the jeweler to give you back the jewellery and eat the loss? You need to take it up directly with the police and PayPal, as in real life. Tangible goods are no different. I was tracking the LLL.org domains, and I'm pretty sure that the thief voluntarily pushed the domains back over to you. I can attempt a PayPal dispute, however it will most likely be rejected since it is for tangible goods. Yes, I may have been a "patsy" as Allan so called mentioned, however you should expect others just as innocent as you to eat your loss because of you inability to secure your own accounts.

 

[alanchau]

It appears that Dan has initiated a PayPal dispute with the false statement: "Domains were taken back via GoDaddy. I have paid $200 and now have nothing."

Strangely enough, it still displays him as the holder of the domains.

bigroxtar: Please update on your current situation.

 

[Dan]

You want to see a screen shot of my account at GoDaddy? The domains were taken back.

Strangely enough, you don't seem to want to help get the money back from the thief.

 

[alanchau]

The only thing that I can do right now is initiate a PayPal dispute, and I'm currently waiting for him to update us on the situation between him and GoDaddy.