question How can domains be stolen? Submit ways or Experience or if you've done it (lol)

[WhoaDomain.com]

I've read many threads on here about domains being stolen. And it always makes me wonder HOW? Seems impossible. Perhaps the more we talk about it the more we can protect ourselves from it.

so I thought why not start a "How do domains get stolen?" Thread.

That way we have one thread that can be reference instead of scattered "stolen" stories here and there. Hopefully people will contribute their experience. and even better. if someone is cocky enough and using a fake NP account they will share. ( I know most people who have done bad things love to "show off" how they did it. It's no fun unless people know you got away with it. I've seen documentaries on TV where they block the person's face and voice to hide their identity. I bet one of these criminals is bold enough to come here and expose to us the "tools of the trade" and how it's done. Let's see!)

So you will be first?

and criminals? come here and brag if you dare.

 

[MasterOfMyDomains]

I don't think it's a great idea to provide a how-to guide for would-be domain thieves.

As a domain owner, your best protection against domain theft is to keep your contacts up-to-date, keep your registrar username and passwords secure, enable two-factor authentication at your registrar whenever available, and protect your email accounts. Be careful of phishing attempts and weary of any requests you get to update your domain contact information or authorize transfers to other registrars.

Ignoring any of these steps can lead to a thief gaining control of your domain.

Thanks RJ for the info. As for the link spoofing in emails, this should be one of the first things you learn when you get an email account. I get them for paypal, apple, so it's not just domainers.
If anyone wants to know how to rip people off in this business, look up Dicker or Bellone
They could write an even longer novel

 

[briguy]

Thanks RJ for the info. As for the link spoofing in emails, this should be one of the first things you learn when you get an email account. I get them for paypal, apple, so it's not just domainers.

Yes..but remember not everyone internet savvy ( that why those scammers still exist) you may know about that spoof address (I didnt till after five years on the net) ...I just posted it for any lurkers or members, who didnt know about it..

Dont use Apple but didnt know they had one..

 

[Cdomains]

Is there a way for the baddies to transfer domains out without thee owner finding out?

Most good registrars provide several emails during the transfer that would alert you during the process that a transfer was happening, giving you enough time to do something about it.

Of course if they get control of your account they could change the email address for the account and you would not know unless they send out an email telling you the email address for the account has been changed.

If you miss that one, you are really screwed!

 

[WhoaDomain.com]

Thanks RJ for the info. As for the link spoofing in emails, this should be one of the first things you learn when you get an email account. I get them for paypal, apple, so it's not just domainers.
If anyone wants to know how to rip people off in this business, look up Dicker or Bellone
They could write an even longer novel

Wow!!!!!! Lol

No comment!

 

[RJ]

Another precaution- don't log into your registrars from internet cafes or public computers. A keylogger can steal your login information and your domains. I remember hearing a domainer lost his names at a popular registrar in this fashion.

 

[Cdomains]

A keylogger can steal your login information and your domains.

This can also happen on your home PC if you are dumb enough to download and use software from questionable sources or if you plug foreign USB drives into your computer.

 

[WhoaDomain.com]

This can also happen on your home PC if you are dumb enough to download and use software from questionable sources or if you plug foreign USB drives into your computer.

As for keyloggers and such I have McAfee and Malwarebytes as a combo.

Sometimes McAfee takes too long to update the latest threats. Malwarebytes does this weekly.

 

[Kenny]

Avatar629,

I've seen you mention in a couple of threads that you have thought you have reg'd names, then looked only to find them not in your acct..
You said you don't like to log in to you your acct / accts because your PW is so complicated. Ok, whatever.

One thing you can do is get a Domain Manager. There are several to choose from, depending on the size of your portfolio, what functions you require, how much you want to spend.
You can easily view all your domains, where they are reg'd, expire dates, NS, Contact info... etc.
Do a G search, or, as I suspect you might, start a thread , and ask the members which ones they use. Some members have even designed custom managers... you'll see.
Back when my port was several hundred names, and scattered around several reg houses I found Domain Punch Pro suited my needs. ( I still have it, just not as many names )

Anyways, I'm sorry to go OT, but since you mentioned you wondered if you were losing / getting names stolen from your acct., I thought this might be a possible solution.

Peace,
Cyberian

And it will also tell you when any changes have been made to your domains every time you open it, which you will on a daily basis.

 

[Cdomains]

I've tried several software apps and systems for keeping track of my names, but always seem to come back to a simple spreadsheet, and I have a lot of names to manage spread over many registrars.

Seems to work OK for me.

 

[bobbarato]

Afternic / godaddy?

 

[disaac81]

Social engineering....

 

[martinrussell]

Yes..but remember not everyone internet savvy ( that why those scammers still exist) you may know about that spoof address (I didnt till after five years on the net) ...I just posted it for any lurkers or members, who didnt know about it..

Dont use Apple but didnt know they had one..

In the last year or so the volume of mail telling me that I've logged in to my Apple iTunes account has grown exponentially. Even if you are not a hardware user odds are if you buy music / movies / apps you have an account…

 

[xr reality]

I have been receiving alot of phishing emails lately for update details for whois a quick scan over these emails sees these are cloned email.

Always be wary about clicking on links just go to the register and login if in doubt just click support shoot them an email or click live chat.

 

[ison]

Phishing emails are now more dangerous than ever. The newer ones are incredibly authentic, complete with spoofed URL addresses and email adds that will appear legit even when moused-over. Last year, even John Podesta, former chairman of Hillary Clinton's campaign, fell prey to a phishing email from Russian-based hackers.

As an aside, the most explosive email in Podesta's leak, IMO, is an exchange between him and Edgar Mitchell, a former NASA astronaut. Excerpt:

Because the War in Space race is heating up, I felt you should be aware of several factors as you and I schedule our Skype talk. Remember, our nonviolent ETI from the contiguous universe are helping us bring zero point energy to Earth. They will not tolerate any forms of military violence on Earth or in space.​

Source

 

[martinrussell]

And another thing: Never trust your webhost / IT guy or gal or anybody else to register or manage domains on your behalf. Professional and personal relationships fall apart, and you could be left wondering "what just happened" here?!

Real estate agents come to mind, and we are still trying to BUY back a domain for a client who left it to his former partner to "handle our interweb." It's a big Saudi developer with crazy deep pockets and his ex knows it. And, because of the way they constructed the paper work he's basically screwed. Another bought vacation rental condo style buildings for deep 7 figures from a seller with numerous similar properties… and neglected to include the related domain names. Seller now forwards to their own sites.

 

[wwwweb]

This thread should be closed, the only people who will index it will be up to no good, we don't need insider tips.

 

[todaygold]

And another thing: Never trust your webhost / IT guy or gal or anybody else to register or manage domains on your behalf. Professional and personal relationships fall apart, and you could be left wondering "what just happened" here?!

Seeing as how this is a forum for domainers, I'm pretty sure you don't have to worry about that.

 

[martinrussell]

Seeing as how this is a forum for domainers, I'm pretty sure you don't have to worry about that.

Maybe. But more than a few are in the hosting business too.

 

[todaygold]

Maybe. But more than a few are in the hosting business too.

Which has what to do with a web designer? Perhaps you do not understand what a host is...they provide space for you to host your website, they don't build it. Even if they offered website building services, they aren't at risk of having their domain stolen, only their clients would be...and there clients aren't the ones reading this.

 

[Cdomains]

Which has what to do with a web designer? Perhaps you do not understand what a host is...they provide space for you to host your website, they don't build it. Even if they offered website building services, they aren't at risk of having their domain stolen, only their clients would be...and there clients aren't the ones reading this.

What he is saying is that sometimes people trust their web designers to reg their domains for them.

Sometimes when they do this they put the reg information in their own name and use their own email address.

Down the road, when there could be a falling out between you and your web designer, he will have control of your domain name and will effectively own it.

 

[todaygold]

What he is saying is that sometimes people trust their web designers to reg their domains for them.

Sometimes when they do this they put the reg information in their own name and use their own email address.

Down the road, when there could be a falling out between you and your web designer, he will have control of your domain name and will effectively own it.

I understand what he is saying and that is true. But my 2 points are...1. This doesn't apply to domainers on this forum, because we don't ask web designers to register our domains. 2. Since this thread is geared mainly towards domainers, the intent was to discuss how domains get stolen out of our accounts...ex. though hacking, social engineering, etc. What he said has nothing to do with that...in addition, whether or not the domain was really 'stolen' when the client signed a contract for the web designer to make the site live and register the domain is up for debate. As another example, many web designers keep the copyright of their design...so even after you pay them for their services, if you discontinue using them, they can tell you that you are not allowed to keep using their design...does that count as stealing your money as well? Another gray area...but overall, not something relevant to domainers.

 

[sirlordcomic]

I don't think it's a great idea to provide a how-to guide for would-be domain thieves.

As a domain owner, your best protection against domain theft is to keep your contacts up-to-date, keep your registrar username and passwords secure, enable two-factor authentication at your registrar whenever available, and protect your email accounts. Be careful of phishing attempts and weary of any requests you get to update your domain contact information or authorize transfers to other registrars.

Ignoring any of these steps can lead to a thief gaining control of your domain.

QFT. Reported the OP.

 

[todaygold]

QFT. Reported the OP.

Agree 100%.

 

[RJ]

QFT. Reported the OP.

Agree 100%.

Care to explain?

 

[creataweb]

Guys should have some respect for RJ .... come on.