
I have been stolen


domainman

The thief accessed my Register.com account through the email [email protected]
Btinternet is an ex-free email service.

Stolen domains:
xn--automvel-z3a.com (car in Portuguese)
xn--frum-qqa.com (forum in Portuguese)
xn--imsica-qya.com (music in Portuguese)
xn--prmios-jva.com (prizes in Portuguese)
xn--cartes-sxa.com (cards in Portuguese)
xn--imveis-cxa.com (real estate in Portuguese)
xn--buscap-gva.com (fireworks in Portuguese)

My old Whois still continues on Register.com
After reading this topic, the thief will probably change it

###############
###############
Organization:
HOST MASTER
HOST MASTER
CX. POSTAL 0324
SALVADOR, BA 40220
BR
Phone: +1-775-878-1278
Email: [email protected]

Registrar Name....: Register.com
Registrar Whois...: whois.register.com
Registrar Homepage: http://www.register.com

Domain Name: XN--AUTOMVEL-Z3A.COM

Created on..............: Mon, Feb 26, 2001
Expires on..............: Wed, Apr 26, 2006
Record last updated on..: Thu, Aug 04, 2005

Administrative Contact:
HOST MASTER
HOST MASTER
CX. POSTAL 0324
SALVADOR, BA 40220
BR
Phone: +1-775-878-1278
Email: [email protected]

Technical Contact:
HOST MASTER
HOST MASTER
CX. POSTAL 0324
SALVADOR, BA 40220
BR
Phone: +1-775-878-1278
Email: [email protected]

Zone Contact:
HOST MASTER
HOST MASTER
CX. POSTAL 0324
SALVADOR, BA 40220
BR
Phone: +1-775-878-1278
Email: [email protected]

Domain servers in listed order:

DNS35.REGISTER.COM 216.21.234.88
DNS36.REGISTER.COM 216.21.226.88

###############
###############



The new Whois on Namesdirect

###############
###############
Registrant:
JOB COLLECT
575 8TH AVENUE
NY, NY 10018
US

Registrar: NAMESDIRECT
Domain Name: XN--AUTOMVEL-Z3A.COM
Created on: 26-FEB-01
Expires on: 26-APR-07
Last Updated on: 28-NOV-05

Administrative, Technical Contact:
COLLECT, JOB [email protected]
JOB COLLECT
575 8TH AVENUE
NY, NY 10018
US
(212) 594.9880
###############
###############



Sorry for my poor English.

Regards.
Anderson
 
0
•••
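A WHOIS-snapshot comparison that a domain holder could run on a schedule to notice the kind of change visible in the two records above. This is an added example, not part of the original thread; the record excerpts are copied from the post, and the function and field names are assumptions made for illustration.

```python
from datetime import datetime

# Constructed excerpts: lines copied from the two WHOIS records in the post above.
OLD_WHOIS = """Organization:
HOST MASTER
Registrar Name....: Register.com
Domain Name: XN--AUTOMVEL-Z3A.COM
Created on..............: Mon, Feb 26, 2001
Expires on..............: Wed, Apr 26, 2006
Record last updated on..: Thu, Aug 04, 2005"""
NEW_WHOIS = """Registrant:
JOB COLLECT
Registrar: NAMESDIRECT
Domain Name: XN--AUTOMVEL-Z3A.COM
Created on: 26-FEB-01
Expires on: 26-APR-07
Last Updated on: 28-NOV-05"""

DATE_FORMATS = ("%a, %b %d, %Y", "%d-%b-%y")  # Register.com style, Namesdirect style
FIELDS = {"registrar name": "registrar", "registrar": "registrar",
          "domain name": "domain", "created on": "created", "expires on": "expires",
          "record last updated on": "updated", "last updated on": "updated"}
HOLDER_HEADERS = {"organization", "registrant"}  # holder name is on the next line

def parse_date(text):
    for fmt in DATE_FORMATS:
        try:
            return datetime.strptime(text, fmt).date()
        except ValueError:
            continue
    raise ValueError(f"unrecognised WHOIS date: {text!r}")

def parse_whois(text):
    """Normalise either record layout into one dict with comparable values."""
    rec, lines = {}, [l.strip() for l in text.splitlines() if l.strip()]
    for i, line in enumerate(lines):
        key, _, value = line.partition(":")
        key, value = key.rstrip(".").strip().lower(), value.strip()
        if key in HOLDER_HEADERS and not value and i + 1 < len(lines):
            rec["holder"] = lines[i + 1]
        elif key in FIELDS and value:
            name = FIELDS[key]
            dated = name in ("created", "expires", "updated")
            rec[name] = parse_date(value) if dated else value.lower()
    rec["domain_unicode"] = rec["domain"].encode("ascii").decode("idna")
    return rec

def changed_fields(old, new):
    """Fields that differ between two snapshots of the same domain."""
    return [f for f in ("registrar", "holder", "created", "expires") if old[f] != new[f]]
```

Calling `changed_fields(parse_whois(OLD_WHOIS), parse_whois(NEW_WHOIS))` on the two records from the post reports `registrar`, `holder` and `expires` as changed while `created` is unchanged, which is what a transfer to another registrar and holder looks like, as opposed to a fresh registration.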
Thanks for letting us know :tu: Unfortunately NamePros can't help you get it back; people here may only give you some tips about recovery.

Try to contact the registrar about this issue.
 
0
•••
The reply that I obtained from Register.com:

#####
Thank you for contacting Register.com.

Unfortunately, once domain names are transferred away from Register.com, we are unable to get them back.

The domain name registration service provided by Register.com is on a 'first come, first serve' basis. Register.com does not determine the legality of domain names registered through our site. The person or organization applying for registration is solely responsible for selecting and maintaining the continued accuracy of the registration record.

Thank you for choosing Register.com, recognized for “An Outstanding Customer Service Experience” by J.D. Power and Associates.
#####
 
0
•••
If your information was up to date then you have fulfilled your obligation and the problem is on them.

What I would suggest is to check if register lock is enabled and also if the email address is still yours in the whois. If it is then try and initiate to a different registrar.
 
0
•••
If they already stole your stuff, you're screwed. But nobody could have done so in the first place, if your domain names had been properly locked. That's what they invented locks for, after all. I'm very sorry you had to find that out the hard way.

Remember that anyone having the fully criminal intent to STEAL your domains to begin with, will therefore certainly not hesitate at all to also LIE by saying that he's the rightful owner merely seeking a routine transfer.
 
0
•••
bluesman if someone manages to hack your account with your registrar then a domain lock is going to do you no good whatsoever, they can simply disable it.
 
0
•••
filth said:
bluesman if someone manages to hack your account with your registrar then a domain lock is going to do you no good whatsoever, they can simply disable it.

Is that why you suggested to the guy "to check if register lock is enabled"?

But obviously, if the domain name logged at your registrar is locked but someone STILL hacks into your entire account, then you're talking about a much bigger problem. Then they'd have access to hundreds of names to do with as they pleased!

Such catastrophes happen very rarely, of course. Most losses of names occur only as "potshots," when a guy accidentally leaves one or two individual names unlocked after making some minor changes and forgetting to lock 'em back up again.

BTW, Domainman, maybe I missed something there but how can an intruder get into an unrelated domain account site via an email addy? Domain registrars ask for a private user name, as well as a password before you can enter it. So how could the stranger know both your user name and your password?!
 
0
•••
Since the names have been transferred to a new registrar, you can contact them and notify them the names have been stolen. Some registrars are better than others about helping with stolen domain. I'm not sure about Namesdirect.

I fear that if the thief has full control of your email address though you may be facing a long and expensive battle in getting your names back.
 
0
•••
-RJ- said:
I fear that if the thief has full control of your email address though you may be facing a long and expensive battle in getting your names back.

That's another good point - how the heck did the thief not only get your domain user name and your domain password, but also full control of your email site, which ALSO requires a password to get into? (I presume he's now also changed the email site's password, so you can't get in.)

But HOW did he get all this detailed private info of yours? I get the feeling we're not hearing the whole story here. This case is just getting more and more crazy!
 
0
•••
That's another good point - how the heck did the thief not only get your domain user name and your domain password, but also full control of your email site, which ALSO requires a password to get into? (I presume he's now also changed the email site's password, so you can't get in.)

But HOW did he get all this detailed private info of yours? I get the feeling we're not hearing the whole story here. This case is just getting more and more crazy!
I agree, also I wonder if it would be practicable that some measure to assure more security to domain names could be taken.
For instance, the process to transfer a domain to another person could be accompanied by a special key.
ICANN releases the key on request of the actual owner.
The process could be done automatically and transparently without additional special operations.
At the moment of registering a domain name, the registrant is requested to assign a secret password to that name that only he knows (I am thinking of PGP).
To change ownership the seller will send the password to the registrar, they recognize him and they send back an unlock code
that the new owner must enter to validate the change of the data in the database.
Sure, it can be improved, but the principle seems to be effective.
 
0
•••
bluesman said:
Is that why you suggested to the guy "to check if register lock is enabled"?

They could have hacked the account, turned off registrar lock, transferred the domains, then re-enabled registrar lock!!! The reason I suggested that is because if it is not enabled and his whois info is not changed then he can simply try a transfer.
bluesman said:
But obviously, if the domain name logged at your registrar is locked but someone STILL hacks into your entire account, then you're talking about a much bigger problem. Then they'd have access to hundreds of names to do with as they pleased!
That really depends on how they did it, if they know you in some way and tried combinations of passwords that they think you would use then no it is not a problem with the registrar.
 
0
•••
What software are you using to manage your accounts?
 
0
•••
But HOW did he get all this detailed private info of yours?

Very simple. There are a variety of ways to crack free email accounts. Additionally, people use things like internet cafe's which, with or without the knowledge of the cafe', have keyloggers installed.

Once you have access to the email account, then you do the "I forgot my password" routine at the victim's bank, domain registrar, whatever, and the user names and passwords for those services are conveniently emailed to you.

It's not as if you get ALL of the required data handed to you on a silver platter, but you use the email account to get into the other stuff.

There is nothing that registrars can do to make their systems "more secure" than the least secure method employed by users to control their own accounts.
 
0
•••
jberryhill said:
There is nothing that registrars can do to make their systems "more secure" than the least secure method employed by users to control their own accounts.

And to top it off, they've carefully included a portion in their legal fine prints
something like "we're not responsible for your domain names being wrongfully
accessed". Registrars can employ as many secure means as possible, but it all
boils down to 2 things:

1. How users access their domain name accounts, no matter what computer
they're using it from.

2. What details users leave, if any, on their domain name registration records.

#2 is one time using your registrar's privacy services can help. But #1 is the
more important thing we shouldn't take for granted.

Unfortunately as many people start discovering the joys of the Internet and
domain names, they usually discover its pitfalls the hard way. By then, it can
be too late.

When a domain name has been hijacked, persistence is your only ally.
 
0
•••
just one thing I don't understand here,
are such domains so valuable that they are worth all the work (and the risk) to steal them? (Considering they have 3 hyphens, they are 3 words, there is even a number, not easy to spell, I guess they should not have a very, very high value on the market, IMHO.) Are those developed sites with high revenues?
Couldn't it be that a friend of yours made a joke?
Have you investigated further? What is the situation today?
 
0
•••
jberryhill said:
...people use things like internet cafe's which, with or without the knowledge of the cafe', have keyloggers installed. Once you have access to the email account, then you do the "I forgot my password" routine at the victim's bank, domain registrar, whatever, and the user names and passwords for those services are conveniently emailed to you. It's not as if you get ALL of the required data handed to you on a silver platter, but you use the email account to get into the other stuff.

Good lord! That certainly goes above and beyond the vague notion of someone trying to "hack" an account here and there. Internet cafes, huh? That could involve many thousands of security breaches across the board, then - I'll certainly never use a puter at such a cafe after hearing this!
 
0
•••
people use things like internet cafe's which, with or without the knowledge of the cafe', have keyloggers installed.
That really is a valuable warning!
I'll certainly never use a puter at such a cafe after hearing this!
I never will either.
 
0
•••
I have never used a cafe or any other free access sites (such as libraries) for this very reason. These are a high security risk; furthermore, if you use wireless connections with your own laptop out at some place (like Starbucks), keep in mind that you are using unsecured connections (meaning people could see what you're doing online in realtime).
 
0
•••
Oh just a note if u go and use any pc other than users press ctrl+alt+del and check for background processes , and kill those that u think are not known to u and neither of them are system processes, if that helps add reputation, as that is the first thing i do whenever i am using another pc.
 
0
•••
nice info... but advanced keyloggers and trojans can avoid being displayed in the task manager :D
 
0
•••