IT.COM

GoDaddy account domain theft

NameSilo
Watch

falconwood

New Member
Impact
7
I have been collecting and selling domain names for over 20 years. Now, 29 of my domain names have been hijacked from my Godaddy account. Anyone else have this happen to them? My attorneys and I have already made complaints to ICANN and the FBI.
Please be aware of stolen domain names - each one has a story and a personal connection to me:

ZANTAR.COM, ZATA.COM, YETTA.COM, PODZ.COM, WINGDALE.COM, PROSAIC.COM, PETLEASE.COM, ONESEC.COM, ONLINEMED.NET, ONLINEBRAIN.COM, NAMEDOM.COM, MILLERTON.COM, MICROGIRL.COM, MENTAX.COM, JENIL.COM, INTERACTIVEBRAIN.COM, IHOPI.COM, HOPPIE.COM, HARLEMVALLEY.COM, FUTURETRIP.COM, FANAX.COM, FALCONWOOD.COM, FAGAT.COM, EYEBROWDESIGN.COM, DOVERPLAINS.COM, DOGTAIL.COM, CLONECLOTHING.COM, ADSEC.COM, ACALS.COM.
 
5
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
These seem to be pretty valuable domains.. :wideyed::wideyed:

Any update?
 
Last edited:
0
•••
Hope you get them back. If a name is stolen, GDPR helps the thief. All they need to do is guess the eMail.
 
0
•••
0
•••
Hmm, hard to believe this is a true story.
Sample (developed site):
eyebrowdesign.com
Registration Date:2006-02-08
Expiration Date:2019-02-08
Updated Date:2015-05-02
 
1
•••
I've seen ihopi around here a few times, I remember AlejandroGarcia was trying to sell it and he had been involved in transacting a few other domains that had been stolen - I forget the details, anyone know the thread I'm talking about? Prosaic sold on Namejet a couple of months back...

Hope you can get your names back somehow. Always use 2-factor authentication though...
 
1
•••
ummm .. before everyone starts to jump on the pity-train ... how about we focus on the fact "Falconwood" not only registered today .. but has also left absolutely ZERO details of his situation.

This thread is complete click-bait .. and before any else wastes time trying to figure out what's what .. @falconwood .. how about you actually give specifics and details ..

As for everyone else .. I highly suggest not paying this thread any attention until such time as Falconwood does provide specifics as well as some way to confirm he actually ever was the domain owner .. and more importantly .. that he didn't start this thread simply to draw attention to his names or that he isn't in fact trying to sell them.

@falconwood .. sorry to be so confrontational if your situation is indeed true .. but you are not doing yourself any service by leaving out all the details! :-/
 
2
•••
We have a department that helps if there is a theft of a domain. If you contact support they can help you with this. It is really rare that there is a domain theft from us. I would recommend that everyone with even one domain uses 2 factor authentication.
 
4
•••
Hmm, hard to believe this is a true story.
Sample (developed site):
eyebrowdesign.com
Registration Date:2006-02-08
Expiration Date:2019-02-08
Updated Date:2015-05-02
Unfortunately it is true. I have been buying since I became aware of domain manes and had one of the first animated gifs on one of my first sites. This specific domain name was purchased at auction - most in the list are older.
 
0
•••
ummm .. before everyone starts to jump on the pity-train ... how about we focus on the fact "Falconwood" not only registered today .. but has also left absolutely ZERO details of his situation.

This thread is complete click-bait .. and before any else wastes time trying to figure out what's what .. @falconwood .. how about you actually give specifics and details ..

As for everyone else .. I highly suggest not paying this thread any attention until such time as Falconwood does provide specifics as well as some way to confirm he actually ever was the domain owner .. and more importantly .. that he didn't start this thread simply to draw attention to his names or that he isn't in fact trying to sell them.

@falconwood .. sorry to be so confrontational if your situation is indeed true .. but you are not doing yourself any service by leaving out all the details! :-/

What additional information would you like? I became aware of the situation when I noticed two of my 450+ names registered at Godaddy were 'not available' for changes, but listed on my account. I called Godaddy - this was April 23 - and they actually told me, over the course of an hour conversation, that 29 of the domains had been moved out of my account. 21 were still in other Godaddy accounts. They also said that someone had 'hacked into' my account several times and changed my passwords - which is why I had been having sporadic difficulty logging in over the course of several months.

I have hired attorneys. We have filed a complaint with ICANN. I have filed a complaint with the FBI's Internet Crime Complaint Center (IC3). Next are with State Police and the State AG office. What else would you like to know?
 
1
•••
What additional information would you like? I became aware of the situation when I noticed two of my 450+ names registered at Godaddy were 'not available' for changes, but listed on my account. I called Godaddy - this was April 23 - and they actually told me, over the course of an hour conversation, that 29 of the domains had been moved out of my account. 21 were still in other Godaddy accounts. They also said that someone had 'hacked into' my account several times and changed my passwords - which is why I had been having sporadic difficulty logging in over the course of several months.

I have hired attorneys. We have filed a complaint with ICANN. I have filed a complaint with the FBI's Internet Crime Complaint Center (IC3). Next are with State Police and the State AG office. What else would you like to know?

Also, all these domains are still listed for sale on my site - Moneygirl.com - you can check the date on moneygirl also! Falconwood has been my company name since 1994, my family's business since 1968. Yetta was my grandmother's name, Wingdale and Dover Plains are where we live, Dogtail is the street at the corner....what else can I give you except the domaintools whois info showing us as the owners before the theft?
 
0
•••
1
•••
What additional information would you like? I became aware of the situation when I noticed two of my 450+ names registered at Godaddy were 'not available' for changes, but listed on my account. I called Godaddy - this was April 23 - and they actually told me, over the course of an hour conversation, that 29 of the domains had been moved out of my account. 21 were still in other Godaddy accounts. They also said that someone had 'hacked into' my account several times and changed my passwords - which is why I had been having sporadic difficulty logging in over the course of several months.

450+ domain, and the thief only take 29 domains?

21 domain still on godaddy, there is 8 domain already move into another registrar company, as far as i know transfering out will need approval click from the whois email

password has been changed several times, why not change email along with the profile info?
 
0
•••
Basically their response to me was - 'get a Federal warrant' - when I asked if they had the IP addresses available for each touch to my account.
That is right. We will not give out any account info without a subpeona you can read how in the legal link on our site.
You should be emailing [email protected] for help with disputing domains that moved out of your account without your permission.
 
0
•••
Our attorneys have already contacted Godaddy. And the extremely rude Godaddy customer service supervisor I spoke with, who yelled at me on the phone that he ‘just had a call like this with another customer’ told me to get a warrant to get an answer to the question- does Godaddy HAVE the IP addresses - not can you GIVE me the IP addresses.

You’d think that after doing a great deal of business with a company over many years that they would be a bit more helpful.

Seems like this may be happening to quite a few of Godaddy customers.
 
0
•••
3
•••
Unfortunately these incidents will multiply from May 25th onward. The GDRP will make it impossible for independent researchers and domain theft victims to identify and track cybercriminals.

@Joe Styler has been extremely helpful in the past with the recovery of stolen domains. I'd like to believe that GoDaddy won't make it harder for domain theft victims to reclaim their stolen domains. There should be no necessity for legal action, when the proof of ownership is provided, and e.g. the owner's IP differs from the ones that accessed the account and transferred domains out.
 
3
•••
That is right. We will not give out any account info without a subpeona you can read how in the legal link on our site.
You should be emailing [email protected] for help with disputing domains that moved out of your account without your permission.

Joe, that wasn't the question.

Asking IF you have any information worth a subpoena is not itself a request for that information.

I don't know whether you are being intentionally evasive, or simply are not a careful reader. He was not asking you to give out any account info. He was asking a yes or no question as to whether there are IP address logs for the account.

He was asking IF GoDaddy had IP logs. He wasn't asking for any account info, or the logs themselves. Of course you do, and it does not require a subpoena to answer the question of whether you have them or not.

I'm going to give you the benefit on the doubt, and assume you simply did not read the post to which you were responding. How about if you actually answer the question asked -

Does GoDaddy maintain IP address logs of account access?

Suggesting that a subpoena is required to answer that question is just dumb.

(as a secondary point, if he was asking for logs of access to his own account, then he should be entitled to it. In fact, if he were a European customer, you would be required under GDPR to give it to him.)
 
5
•••
1
•••
1
•••
told me to get a warrant to get an answer to the question- does Godaddy HAVE the IP addresses - not can you GIVE me the IP addresses.

Either @Joe Styler doesn't understand the question or is pretending not to.

Of course, the notion that GoDaddy won't give you information about your own account without a subpoena is simply ridiculous on its face.

In point of fact, GoDaddy will give you a boatload of information about your own account without a subpoena, otherwise it would not function.

GoDaddy will certainly tell you what names are registered in your account, your transaction history, your contact data, your stored payment profiles, etc.. All of this information is of course accessible to you without a subpoena. You log in, and it's there. If Joe is trying to suggest that GoDaddy doesn't provide you with your own account data without a subpoena, then he might consider checking out the user interface some time.

What Joe seems to be trying to say is that, despite the fact that of course GoDaddy will give you information about your own account without a subpoena, and of course their system is designed to give you all kinds of information about your own account without a subpoena, they will not to give you login records for your own account without a subpoena.

Again, if you were a European customer, it would be illegal for GoDaddy not to provide you with their records relating to your own account.
 
Last edited:
7
•••
@Joe Styler so, just to be clear on what you are saying, GoDaddy will not provide a customer with access logs to their own account without a subpoena.

Is that correct?
 
0
•••
Joe, that wasn't the question.

Asking IF you have any information worth a subpoena is not itself a request for that information.

I don't know whether you are being intentionally evasive, or simply are not a careful reader. He was not asking you to give out any account info. He was asking a yes or no question as to whether there are IP address logs for the account.

He was asking IF GoDaddy had IP logs. He wasn't asking for any account info, or the logs themselves. Of course you do, and it does not require a subpoena to answer the question of whether you have them or not.

I'm going to give you the benefit on the doubt, and assume you simply did not read the post to which you were responding. How about if you actually answer the question asked -

Does GoDaddy maintain IP address logs of account access?

Suggesting that a subpoena is required to answer that question is just dumb.

(as a secondary point, if he was asking for logs of access to his own account, then he should be entitled to it. In fact, if he were a European customer, you would be required under GDPR to give it to him.)
I'm being intentionally evasive. As you know I am not a lawyer and I would prefer the customer deal directly with our legal department. I will not publicly comment on account specific information. He can contact our teams that will help him. We have services in place to assist customers with issues like this and have very little episodes of theft and very often are able to help customers out. We will bend over backwards to help our customers and I and the members of our legal team have done so on many occassions.
I am not sure if there are any ip logs or not for the account without looking at the specific account in question. I would not do that without account verification by the owner which he already stated he cannot access the account. Even then I would not comment publicly on his particular issue or account information.
For someone who cannot access their account or easily prove they are the account owner they need to contact one of our legal departments that will verify their identity and help them regain access to the account as needed and assist them with their domains. I am not comfortable making a judgement call that this is the owner of the domains. I prefer verifiable facts and the legal team looking over the account to grant access to the legitimate owner. I think it is unwise to do otherwise.
We have ways to help people to gain access to their account and their information that are easy enough for the owners to do and safe enough to protect all parties involved. Beyond that I am unwilling to comment on specifics of any account publicly especially where there is a potential for legal action as I am sure you can understand.
 
7
•••
To be clear though we will certainly help the account owner and have systems set up to do so that have been very effective in the past.
 
1
•••
I think this is a practical issue: for account owners, provide a history of IP connections to that account. Many other domain registrars do that. Some registrars even provide the ability to restrict account connections - even with the correct credentials - to specific IP ranges only.
 
Last edited:
5
•••
Back