MTB
Established Member
- Impact
- 561
I recently registered an expired .com domain and set up a generic e-mail address. Within a few hours I was receiving emails intended for the previous registrant. One of the emails was from Facebook, and included a direct log-in link, which I clicked on (for curiosity, probably illegal) just to see if Facebook security was working. Unbelievably the link sent me direct to the previous user's Facebook account without asking for a password! I immediately logged out and contacted the previous registrant.Turns out they lost access to their e-mail account after changing telephone number, changed e-mail address and didn't receive the domain renewal e-mails.
The registrant later told me that they had previously set-up email forwarding on several generic e-mail addresses on the domain I registered, which all directed to a Gmail account - and the old registrant was receiving e-mails intended for me!
The registrant later told me that they had previously set-up email forwarding on several generic e-mail addresses on the domain I registered, which all directed to a Gmail account - and the old registrant was receiving e-mails intended for me!