GoDaddy Gave a Domain to a Stranger Without Any Documentation

[dnsassistant]

https://anchor.host/godaddy-gave-a-domain-to-a-stranger-without-any-documentation/

 

[draco]

@GoDaddy any comment?

 

[bmugford]

Some troubling allegations here.

Domain moved internally by GoDaddy, despite account security.

The wrong domain was moved.

As well as GoDaddy seemingly not doing much to fix their error.

Brad

 

[Brian L.]

I’ll certainly be moving all domains out of @GoDaddy if this report turns out to be accurate.

 

[Joe drake]

I used to be up over 3,000 domains at GoDaddy. I’m down to around 20 now.


Over the years I’d occasionally notice names just missing. Not right away… sometimes months later when I’d go looking for something. I always assumed it was on me—missed renewals, forgot something, whatever—but honestly it never fully added up.


Then I read this:


https://anchor.host/godaddy-gave-a-...ut-any-documentation/?utm_source=namepros.com


If that’s even remotely accurate, a domain got transferred to the wrong person with no real documentation, and it only got sorted because the recipient stepped up and reported it. That’s not a small thing.


What really made me pause though…


I was recently approached about moving my entire portfolio—all 9,500+ domains I currently own—back to GoDaddy.


Not a handful. Not a sample batch. Everything.


And the pricing they came back with is honestly something I haven’t seen before. It doesn’t really line up with what you’d expect even under Discount Domain Club.


So I’m sitting here looking at it a bit sideways.


On one hand you’ve got aggressive pushes to bring large portfolios back in at unusually low transfer pricing.


On the other hand you’ve got stories like the one above where a domain can apparently end up in the wrong account without the right checks and balances catching it.


Maybe it’s all coincidence. Maybe it’s just edge cases.


But once you’re talking about thousands and thousands of domains, even “rare” stuff starts to matter.


Curious if anyone else has ever had names just quietly disappear over the years and only realized it way later.

 

[domainlover2017]

Hi Guys!

Godaddy is good if you sell domains that are not registered in godaddy because sometimes it happens that they move our domains without prior notice just because someone else listed it and activated Fast Transfer.

 

[Joe drake]

Hi Guys!

Godaddy is good if you sell domains that are not registered in godaddy because sometimes it happens that they move our domains without prior notice just because someone else listed it and activated Fast Transfer.

That logic really doesn’t hold up. If anything, it proves the opposite.


The smarter move is to keep your domains at a registrar that isn’t tightly tied into GoDaddy Fast Transfer. You can still list on Afternic, but you’re not exposing yourself to a system where a listing error or bad sync could potentially move a name or send money to the wrong person.


That’s the real issue here—too much blind trust in a flawed system.


Domaining isn’t some side hobby anymore. There’s real money on the line, and yet we’re still dealing with problems that would be completely unacceptable in any serious financial environment. Imagine a stock brokerage accidentally transferring your shares because someone else listed them—would never happen.


Until these platforms tighten things up, it’s on us to manage risk properly. Relying 100% on Fast Transfer across partnered registrars just isn’t as “safe” as people make it sound.

 

[Jannes]

What was the main argument for building your business on your own domain instead of a social platform? GoDaddy just made it a moot point. At least social platforms will send you a message when they destroy your business on a whim.

Pay attention to what people are learning from these horror stories:

https://twitter.com/x/status/2048610638826762326

 

[Embrand]

I would never use GoDaddy if I didn't have an account manager there. And even with an account manager, they are only my secondary registrar.

 

[pb]

If I counted on my fingers how many times the authorities (the police, attorney office etc.) contacted me about a wrong domain (e.g. some scammer used domain24.xyz and I have domain.xyz, or there was a phishing site at blablacom.online and I have blabla.com - you get the picture), I would have to grow an extra pair of hands, or two.

BUT it always ends in explaining the matter and pushing them in the right direction, maybe sometimes an awkward but friendly interrogation, I never lost a domain that way. More importantly, while the IT competence of the authorities might often be called into question, we absolutely should expect it from a registrar, let alone the biggest one. I realise that it was mostly handled by ordinary support staff, but I am surprised that even escalation didn't help to resolve the matter. Maybe they just sit around counting days before getting replaced by the AI...

 

[Aleksi]

Ooh, what a surprise! Using GoDaddy for a real business is like having fun with a village bicycle without protection. Just the thought makes me itch.

A real company should always use service like Safenames to prevent the itchy dic... domain.

 

[SpareDomains]

I never lost a domain at GoDaddy but many years ago they turned the switch off on one of mine. In the end I got everything sorted due to my escalation but the experience brought me to the realization that I can't sleep with my names there as their legal department was quick to pull the trigger with what I thought was 0 evidence or reason to more of an act first question it later. I know a few others this has happened to as well as they were fooled by false legal claims. I sleep fine now as I gave up my account rep and have held 0 domains at GoDaddy for a good handful of years now.

 

[dnsassistant]

Since Registrars are not required to provide 24/7 security monitoring for your domain beyond ICANN mandated policies which were written in 2009/2010 respectively, plus they do not seem to mandate any insider threat policies. Let me ask you a question?

Is there a fee you would pay per domain to monitor and get real-time alerts when these threats occur?

 

[URL Stream]

Is there a fee you would pay per domain to monitor and get real-time alerts when these threats occur?

Fee?!

It should be a basic feature embedded in every registry.

 

[dnsassistant]

Fee?

It should be a basic feature embedded in every registry.

Ideally the Registry should justify their fee by providing built in security services, just taking 9$ for a db entry in and out with 88% profit(?) is absurd. But will they? I doubt it. Monopolies don't listen to little ants needs.

 

[johnn]

I did not pay any fee. My wife checks the names everyday.

 

[web3dev]

This is scary. Luckily the recipient had the right instinct to return it to the rightful owner. But GoDaddy's negligence is worrisome.

 

[bmugford]

Security is kind of pointless if the domain can just be transferred internally by GoDaddy, in error.

You could have two-factor, DTVS, etc. It doesn't really matter.

It makes me feel less secure when I just randomly received a "Here's your one-time support code" email from GoDaddy.

They happen from time to time, usually when people are confused about domains. However, it can also happen for nefarious reasons.

@GoDaddy needs to address this. As a registrar, there is nothing more important than domain security.


Brad

 

[bmugford]

Mistakes might happen, but it seems like someone really dropped the ball here.

GoDaddy was apparently no help to the rightful registrant.

The actual registrant would have been completely screwed if the receiving party did not return the domain, which was allegedly moved in error with limited or no documentation.

Brad

 

[CashproofAi]

https://anchor.host/godaddy-gave-a-domain-to-a-stranger-without-any-documentation/

This is highly sensitive and an alarming situation. Action should be taken against GD immediately.