alert Help! My sme.com got stolen at Enom central

[jcc]

My domain name SME.COM registered at enomcentral.com got stolen. The expiration date was 10/23/2017 and today I just checked and found that it has been stolen and moved to 1and1.

What should I do now? Please help ASAP. I have hundred of domain names with enom for over 10 years and never got stolen before.

 

[jcc]

It has moved to name.com not 1and 1, the name servers are of 1and1 and whois says its chinese. email contact details note down everything

Yes, my mistake. Thank you for pointing this out.

 

[Armageddon]

My domain name SME.COM registered at enomcentral.com got stolen. The expiration date was 10/23/2017 and today I just checked and found that it has been stolen and moved to 1and1.

What should I do now? Please help ASAP. I have hundred of domain names with enom for over 10 years and never got stolen before.

My opinion:
RIGHT DIRECT TO ICANN/OPEN A LETTER SECTION COMPLAIN
IT'S VERY EFFICIENT. THEY HAVE A SECTION FOR THIS KIND OF PROBLEMS, UNAUTHORIZED TRANSFER ETC..

 

[kandyan]

Oh Man, That's sad to hear.. Hope things will turn out well for you..

 

[jcc]

My opinion:
RIGHT DIRECT TO ICANN/OPEN A LETTER SECTION COMPLAIN
IT'S VERY EFFICIENT. THEY HAVE A SECTION FOR THIS KIND OF PROBLEMS, UNAUTHORIZED TRANSFER ETC..

Thank you.

 

[jcc]

Oh Man, That's sad to hear.. Hope things will turn out well for you..

Thank you.

 

[Armageddon]

https://forms.icann.org/en/resources/compliance/complaints/transfer/form
https://www.icann.org/compliance/complaint

 

[jcc]

My opinion:
RIGHT DIRECT TO ICANN/OPEN A LETTER SECTION COMPLAIN
IT'S VERY EFFICIENT. THEY HAVE A SECTION FOR THIS KIND OF PROBLEMS, UNAUTHORIZED TRANSFER ETC..

I have reported the issue to ICANN's unautorhized transfer section. Thank you very much. Really appreciate your info.

 

[jcc]

https://forms.icann.org/en/resources/compliance/complaints/transfer/form
https://www.icann.org/compliance/complaint

Thank you very much. I've just finished.

 

[DaveX]

I assume you were not using TFA?

 

[jcc]

I assume you were not using TFA?

what is TFA?

 

[DaveX]

Two Factor Authentication

(You log in, then have a second layer of security.)

 

[Grilled]

i'm trying to remember the name of the guy here who has tons of experience recovering stolen stuff.. someone will surely rememnber and tag him

The man, or legend, you speak of is @TheLegendaryJP

 

[Grilled]

I'm looking into it as well, though no way as skilled or experienced as the legend.

How long have you owned the domain for?

At first glance I noticed something odd - the nameservers has been set to 1AND1 for years... (maybe there's a valid explanation)

Sometime between 12/2012 and 04/2013 - the nameservers were changed from NS1.SedoParking to NS51.1and1.com.

SME.com is currently registered with Name.com (maybe a reseller affiliate - but for sure through them)

I assume the transfer occurred on the last update date: 28 May 2017

The current registered owner of SME is: Tien Chen

Tien Chen is/was affiliated with one other domain: UPTW.com

UPTW.com is currently registered under privacy, however, I have the previous Taiwan address Tien used for WHOIS registration change. PM me if you think this will help, and I'll send it to you.

 

[jcc]

I'm looking into it as well, though no way as skilled or experienced as the legend.

How long have you owned the domain for?

At first glance I noticed something odd - the nameservers has been set to 1AND1 for years... (maybe there's a valid explanation)

Sometime between 12/2012 and 04/2013 - the nameservers were changed from NS1.SedoParking to NS51.1and1.com.

SME.com is currently registered with Name.com (maybe a reseller affiliate - but for sure through them)

I assume the transfer occurred on the last update date: 28 May 2017

The current registered owner of SME is: Tien Chen

Tien Chen is/was affiliated with one other domain: UPTW.com

UPTW.com is currently registered under privacy, however, I have the previous Taiwan address Tien used for WHOIS registration change. PM me if you think this will help, and I'll send it to you.

I owned the domain name for over 10 years. I might have set the DNS to 1and1 long time ago. I'm not sure. I haven't been using it for a while. I'll contact you.

 

[Acroplex]

Follow up on the form eNom asked you to fill out. They will initiate a request for reversal, once you provide them with the necessary information. Also contact Name.com, the current registrar, so that they freeze the domain before it gets transferred out to some damn Chinese registrar.

 

[jcc]

Follow up on the form eNom asked you to fill out. They will initiate a request for reversal, once you provide them with the necessary information. Also contact Name.com, the current registrar, so that they freeze the domain before it gets transferred out to some damn Chinese registrar.

Yes, I did. eNom replied that they're investigating.

 

[Name Trader]

Follow up on the form eNom asked you to fill out. They will initiate a request for reversal, once you provide them with the necessary information. Also contact Name.com, the current registrar, so that they freeze the domain before it gets transferred out to some damn Chinese registrar.

Neither of these two actions helped me with a stolen domain at eNom > GoDaddy. GoDaddy wouldn't accept my communication as valid. They wanted to receive communication from eNom directly. But they refused. By 3 directors, who got involved. They even broke their own ToS to refund me my purchase price, on their auctions. They claimed a loophole was actually a feature. However, they closed the loophole subsequently..

 

[jcc]

Update: Name.com locked the domain name for investigation.

 

[TheWatcher]

Thanks. This shouldn't happen. Anyone else has the same issue with enom?

I've been with Enom since 2000, no single issue of stolen domain name. Did you activated the two-factor authentication?

If you don't use this extra security, whether Enom, GoDaddy or other registrar will be the same result.
Good luck with your domain names and I hope you get it soon.

 

[Acroplex]

eNom has had a known security issue with the enomcentral portal. Someone still takes advantage of that or a similar flaw.