NameSilo

I lose $42,000 on an escrow.com transaction as pdd.com, help please.

Labeled as warning in Warnings and Alerts started by American, Jan 9, 2018.

Replies:
337
Views:
39,120

  1. slader23

    slader23 Always On The Bleeding Edge. VIP

    Posts:
    2,176
    Likes Received:
    3,403
    Yep. Pretty much, what I had discovered if you see my post on p1. Another important thing to note is that domain registrant, Melissa Kittrel hasn't worked for PDD in 7 years. It's very likely that her old business email got hacked which gave the seller access to not only the domain but also her Gmail since it's likely that her former business emails were forwarded to that @gmail.com address. This was probably left unnoticed until PDD lost control of the NS.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Netsol didn't "wait" for anything, and the owner apparently notified Netsol relatively promptly, as these things go.

    Most of the time, the owner of a stolen name does not know the name has been stolen. PDD has had this name since 1996. Do you think they check their WHOIS details every day or something? It's not as if the domain name stops working.

    Most of the time, the thief keeps the nameservers the same, while carefully managing the hacked admin contact email address to keep the owner from receiving any notifications when the admin contact email and/or account email is updated.

    Usually, the owner does not know the name is stolen UNTIL after the name is fobbed off onto the buyer.

    But when you see a domain name which has been used by the same people for more than 20 years, followed by a recent WHOIS change to a free email account, and then a sale proposal, it's time to get in touch with that 20 year user to find out what's what. Now, sure, it CAN happen that because they haven't updated the WHOIS information in a long time, the recent update was part of preparing the domain name for sale. In this instance, picking up the telephone and getting in touch using the same telephone number that's been there for years - is in the WHOIS history and is on the screenshots.co captures - would have been a good idea.

    It's also a good idea to avoid the "previous employee" problem. Melissa Kittrell hasn't worked at PDD since 2010:

    https://www.linkedin.com/in/melissakittrell/

    It may be that they kept the [email protected] email address active and in-house, but it is also interesting that the email changed from [email protected] to [email protected]. In other words, one of two things had to happen. Obviously, a thief could Google "kittrell" and "professional data" to find out just who Melissa Kittrell is, in order to come up with an email address that includes more of her name than just "mkittrell". But, there again was another obvious pre-purchase diligence angle to check out - why did the name change to a gmail address suggestive of a name of a person who hasn't worked there for seven years?

    There could be a lot of different answers to that question, some of those answers could be fine, but the WHOIS history and record of use of this domain name provides, as noted above, red flags all over the place.
     
  3. tech4

    tech4 Established Member ★★★★★★★★★★

    Posts:
    1,212
    Likes Received:
    134
    So what happens now? Does escrow provide photo ids even if its fake or any info? What does Web/NS say about this?

    These two companies can provide alot of information into IP log ins, transaction detail (Escrow), that you can sue and find out who the real patrick.sitrok is. If you have the money and time to go that route.

    BTW, most crimes are committed by people who know each other and have access to information only insiders have. I hope the buyer gets to the end of this and find out who the thief is.
     
    Last edited: Jan 9, 2018
  4. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    That's one of a number of possibilities. It's unlikely to have been Miss Kittrell herself, although the "former employee running away with the domain name" scenario is not unknown. However, to have moved it to her gmail address would not have been a good idea. Alternatively, it is an email address the thief came up with.

    What is utterly clear is that NOWHERE in the history of the domain name any suggestion that a "Patrick Sitrok" with a mailing address of a Dallas shopping center has anything to do with a small data company in Indiana.
     
  5. Dave

    Dave Top Member VIP ★★★★★★★★★★

    Posts:
    3,389
    Likes Received:
    3,732
    OP I am sorry that some scum has done this to you.

    This is an important lesson though for all. When buying a domain name make sure you do your due diligence. Especially if something seems too good to be true.

    @jberryhill You're an absolute star for helping out on this forum with your expertise. If I ever get a chance to meet you I will for sure be buying you a drink.
     
    Last edited: Jan 9, 2018
  6. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Oh, hell no. If there is anything in the ID or payment information that Escrow.com has which suggests it was dodgy, Escrow.com is certainly not going to give that out. Escrow.com is not going to hand anyone evidence that Escrow.co had reason to believe there was something suspicious about the transaction. Do you think they are crazy?
     
  7. tech4

    tech4 Established Member ★★★★★★★★★★

    Posts:
    1,212
    Likes Received:
    134
    Escrow is not crazy :), but I do want to know what does Escrow and NS say about this to the buyer? That's very important before bringing in the lawyers and tracking down the thief.
     
  8. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Have you taken a look at her religious blog? Looks like her old email isn't the only thing that got hacked.

    Add that to the endless vista of red flags that looks like the Beijing Olympic opening ceremony.
     
    Last edited: Jan 9, 2018
  9. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Nothing.

    They say nothing.

    From Netsol's perspective the "buyer" is the person to whom a stolen domain name was transferred. Having dealt with a few domain thieves from the registrar end of things, I can tell you that it becomes pointless to communicate with them, since you only help them understand the registrar's internal processes for investigating these things.

    In other words, from where Netsol is sitting, the buyer IS probably the thief - since the person to whom the stolen domain name was moved keeps asking questions. As noted above, it also looks as if this person has another stolen name in their account.

    Escrow.com likewise will provide nothing voluntarily. They know they just moved $42k in a transaction involving stolen goods. Their only concern is their own potential liability. In the last year, I have seen the most amazingly incompetent things done at Escrow.com. What do you think they are going to do? Say, "Oh, yeah, um, here's a fake Brazilian driver's license we used in order to verify the identity of someone who had us send money to Indonesia." Absent a subpoena, that's not happening.

    They'll simply say that their terms do not allow them to give that information out. Fin.
     
  10. alcy

    alcy Top Member VIP

    Posts:
    16,183
    Likes Received:
    25,160
    that's just some amazing stuff.

    given your expertise in this area, and seeing how pretty much everyone can fail you in the buying process, auction house, registrar, escrow.. what is in your view the ideal and best way to proceed when buying a more expensive name? do all research yourself? if so where and how ideally? or just hire an agent to do the research+transaction.. in this case would we be talking about say an Afternic agent for instance?

    ty
     
  11. tech4

    tech4 Established Member ★★★★★★★★★★

    Posts:
    1,212
    Likes Received:
    134
    I have heard in life nothing is impossible, and sometimes there are dead end but its only temporarily. Goodluck to the buyer if he really wants to find out, have to file an international lawsuit.

    So question is. If the buyer is US citizen instead of Chinese, would he have better chance of filing suit and finding out who the thief is in this case? (Doesn''t mean he will get money back) but would he have a better chance if he was "American" filing in the states?
     
  12. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    In no instance should you rely on someone who is going to get paid if the deal goes through.
     
  13. wwwweb

    wwwweb Top Member VIP

    Posts:
    9,379
    Likes Received:
    8,040
    Maybe time for escrow to incorporate a sedo like rating system, account opened 2001, activity star?
     
  14. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    21,117
    Likes Received:
    22,407
    One thing to know is that in circumstances like that, the domain name can be swiftly returned to the original registrar, even bypassing the 60-day lock that applies on inter-registrar transfers. If both registrars agree the transfer was dodgy that's enough to 'undo' the transfer.
    So moving the name to another registrar does not guarantee the name will not be taken away from you.

    No at all, the escrow services does not due diligence for you. If the domain is stolen, then the transfer is very likely going to be reversed as long as the domain is still within reach.

    At this point all the OP can do is:
    • get as much forensic evidence as possible from Escrow.com: IP addresses used, E-mail accounts, bank details. And if I'm not wrong they have Chinese-speaking staff (I guess the OP will feel more comfortable in Chinese than in English).
    • then figure out who the thief may be, or where he may be located and based on that data you decide where to sue or file a complaint. The amount involved is large enough to be worth pursuing.
     
  15. carob

    carob Top Member VIP ★★★★★★★★★★

    Posts:
    3,405
    Likes Received:
    4,193
    I would like to know if Escrow.com carry insurance against fraud, in this case probably fraudulent ID.

    They might not want to say so, as that might encourage fraud. But if there is no loss to them if someone scams via them why would they care? But there has to be a base level of security and ID checks they carry out - if that is not sufficient or they do that wrong, they could have to reimburse scam victims. So do they insure for that?
     
  16. wwwweb

    wwwweb Top Member VIP

    Posts:
    9,379
    Likes Received:
    8,040
    Makes sense, just as long as they don't profit off of it. This is the thing these Chinese investors are wham bam throw fast cash around, you got to look at historical whois, make phone calls, if you buying this price level of domain from an untrusted source.
     
  17. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    They will not voluntarily provide that. You'd first have to file a "John Doe t/a 'Patrick Sitrok'" suit, and then subpoena that information from Escrow.com. That will burn you through your first $20k, and get you to the point where you can then subpoena any financial institutions to find out the money went somewhere where it would cost you even more to chase down the rathole.

    So, let me give you one of an infinite number of scenarios here.

    You file your John Doe suit in, let's pick Virginia since it's a .com name with some connection to Virginia, you get the information from Escrow.com by subpoena. As luck would have it, the bank is also located in the US, so you can subpoena them too. You find out the bank account, which has since been closed, belonged to some person who answered an ad on Craigslist for "Make money at home buying Bitcoin", and is no longer living in the rented trailer in Podunk that they used as an address at that time. Amazingly, after spending more money, you find out they are living under a railroad bridge in Mexico. Now what? The funds are untraceable, and you found yourself a penniless smurf. Waddya do, get a judgment in the US and then spend more money to enforce it in Mexico to get their sleeping blanket?

    I mean, where do any of you think a legal action of any imagined kind is going to lead? Escrow.com will provide account information of a US account holder who is just sitting at home waiting for you to show up with a summons?

    People who engage in fraud have the advantage of knowing that they are engaging in fraud. They worked out how to steal the name in the first place, but it's not as if they did that and then thought, "Gee, now what do we do with the money to make it untraceable to me?" That was the FIRST part of the plan.
     
  18. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Escrow.com has not been defrauded. They got their money. Try getting them to refund the transaction fee and see what they tell you.
     
  19. carob

    carob Top Member VIP ★★★★★★★★★★

    Posts:
    3,405
    Likes Received:
    4,193
    You are right, the buyer has been defrauded. But in the event that a customer pursued Escrow.com for having inadequate checks which resulted in losses to the customer, would Escrow.com have insurance to cover what that cost them? Or do they just live with the risk, or think there is no risk to them?
     
  20. DomainVP

    DomainVP Domain Expert VIP

    Posts:
    3,381
    Likes Received:
    12,168
    Thank you @jberryhill for taking the time to lay all of that information out. These are very valuable posts that are going to save people from falling into this kind of trap.

    One thing I didn't see mentioned during this discussion was the "Inspection Period". Am I right in assuming OP agreed to an inspection period of "1 day"?

    From Escrow:
    I would have done no less than 7 days for inspection for any additional due diligence.

    Obviously the key to this is to do your research before any acquisition, but do you think a lengthy inspection would help or hurt a transaction like this.
     
  21. wwwweb

    wwwweb Top Member VIP

    Posts:
    9,379
    Likes Received:
    8,040
    Good point here, why not even stretch it to 30 days. Most likely buyer would never agree, as they would know time is not on their side.
     
  22. Lox

    Lox ----- Gold Account VIP

    Posts:
    962
    Likes Received:
    922
    (just an idea)

    Making a name Patrick Sitrok for himself + profession

    The name (inspiration), link domainbigdata

    nameidea.jpg

    and the address (inspiration), link opengov

    Patrick's Salon
    14999 Preston Rd Ste 600
    Dallas, TX 75254-6850
     
  23. MapleDots

    MapleDots Domain Properties 2010 - 2019 VIP

    Posts:
    5,061
    Likes Received:
    10,259
    I have always used my in house credit card payment system for transactions but had a few bigger deals lately and have recently opened an escrow account.

    Something inside me told me that escrow is no substitute for due diligence.

    I always ask for, or look for this info....

    - Whois History
    - Send me an email from email listed in whois
    - if there is a push involved, have them make a small change to whois
    - try to contact previous whois owner if recent change
    - verify contact info of who you are dealing with
    - sometimes I ask for employment verification

    If my buyer/seller says its too much info then I tell him he gets my contact info back. There is no such thing as too much information on a large transaction.

    Oh, yeah.... almost forgot... a bill of sale is also must when goods change hands.

    Don't forget if you use paypal to always enter funds for domain sale xxx.com etc.

    Document, Document, Document
     
  24. jberryhill

    jberryhill Top Member John Berryhill, Ph.d., Esq. VIP ★★★★★★★★★★

    Posts:
    2,066
    Likes Received:
    2,909
    Define what you mean by "pursued".

    Additionally, please check your definition of "pursued" against the dispute provisions of the Escrow.com general terms: https://www.escrow.com/escrow-101/general-escrow-instructions

    In particular, have a look at Section 10.

    Of course, you could have the State of California take a deeper look into Escrow.com's operations for free:

    http://www.dbo.ca.gov/Consumers/consumer_services.asp
     
  25. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    21,117
    Likes Received:
    22,407
    Just like you say, unlikely. But we know that scammers are very often dumb, which is why they are not engaging in a legitimate activity in the first place. And sometimes they are overconfident and they get caught. For example when they use a VPN and think the VPN service does not log their home IP address and will not turn them over, not to mention that the VPN connection can drop.
    I have an example in mind. You may still remember that epic thread on another forum where a member (DanielG) was busted as a domain thief and he served time in a federal prison thanks to a relentless victim, and a landmark ruling. He didn't bother to cover his tracks because he must have been thinking the owner was asleep or powerless.
    But like you say, the scammer is probably far away.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!

Share This Page

NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...