My domain 6462.com has been stolen

[DnEbook]

Not going to get into a long conversation about this other than to say the domain name 6462.com has been stolen and is now at ename.com .......merry F****KING XMAS TO ME

 

[tultseo]

Tracing it is the easy part getting it back it the hard part, no links have been clicked in any emails , kinda starting to wonder why they all disappear from gogaddy ?? Ename responding is like saying the tooth fairy exists. Just moved five domains from godaddy ....soon more, i just can't trust them and i have no faith in them to fix this
~
Dont think i'll say much more as last time i was here some mod accused me of post padding to reach 10,000 posts, hey maybe i got the chinese to steal my domain so i get more posts up, you might figure i'm a bit stale on the whole thing at the moment, merry xmas !! I still got my guitar !

Dude...Find out where the heck is enom located, get the into your car and break into their company door asking for your domain with proofs and your lawyer and show them that an chinese just stole your domain if they still do not respond then go for the Kung-Fu

 

[tultseo]

This might help: http://domaingang.com/domain-news/update-stolen-domain-lightly-com-recovered/

http://domaingang.com/domain-news/efficiently-report-domain-theft-media-coverage/

 

[forge]

Dude...Find out where the heck is enom located, get the into your car and break into their company door asking for your domain with proofs and your lawyer and show them that an chinese just stole your domain if they still do not respond then go for the Kung-Fu

It's eName amigo, and they're in China, so good luck with that plan!

To evirtual: AFAIK, GoDaddy no longer has email support. I think your best course is to use their online chat interface, just log in and use the Support link.

 

[Banezer]

ur acct was hack, but why most hack domain are been transfered to ename?

 

[DnEbook]

Godaddy have sent a 'complaint' notice which i have filled out, i have asked why the transfer never sent an email out to the account holder ........me !
~
I have spoken to support once, when i first discovered the theft, the customer support dude said 'hang oo i'll talk to my supervisor' I then asked why could not talk to the supervisor?? I was told to email [email protected] and at this point they have replied and i have filled out the form (forget the exact name) So i guess i have to wait, still have questions as to how this can happen though

 

[DnEbook]

I further explained that the nameservers were as they were in the hope that the theft would go unnoticed, i also stated the thief would not have an account at my hosting company. I am basically hoping the current crop of this happenings will be enough to stop the transfer, if i did not receive a transfer email surely that tells you something, yesterday i get a bill from escrow for a name i know nothing about (my email address stolen from my account here) The this morning i wake to find numerous hacking attempts at my wordpress sites, so i am off to update everything, only good news is ..... no hangover today

 

[forge]

yesterday i get a bill from escrow for a name i know nothing about (my email address stolen from my account here)

here where? Escrow? Or NP?

 

[Acroplex]

Almost 99.999% of all domains stolen from GoDaddy follow the same pattern:

1. Falling for a phishing email that poses as GoDaddy, asking you to click and verify your account; it takes you to a web page that looks like GD's. You enter your username/password and it's captured. Simple as that.

2. The thief logs into accounts that don't have two way authentication enabled, and only US customers can enable that feature currently.

3. The thief changes the contact info for the domain, and transfers it away, usually to Ename. The latter is a domain registrar in China that don't give a sh*t about transfer reversals. AFAIK, the only successful reversal was in the case of Lightly.com. Ename is the focus of at least one pending lawsuit related to being unreasonably unresponsive in order to return stolen domains.

Clearly, the reason of this huge jump in domain thefts in 2014 is ICANN's requirement for account verification by the registrars. Phishing emails have a very high rate of conversion.

ICANN is a bureaucratic organization unable and perhaps unwilling to resolve these matters, and yet added 470+ gTLDs to the zones this year. It will only get worse before it gets better.

 

[Paul]

I further explained that the nameservers were as they were in the hope that the theft would go unnoticed, i also stated the thief would not have an account at my hosting company. I am basically hoping the current crop of this happenings will be enough to stop the transfer, if i did not receive a transfer email surely that tells you something, yesterday i get a bill from escrow for a name i know nothing about (my email address stolen from my account here) The this morning i wake to find numerous hacking attempts at my wordpress sites, so i am off to update everything, only good news is ..... no hangover today

Your e-mail address was not stolen from your account here. You posted it publicly in several places, including various NamePros threads, and you have a handful of domains without WHOIS privacy. We obfuscate e-mails so that malicious bots can't easily extract them, but it's certainly possible for bots to deobfuscate them. However, your e-mail was most likely obtained from WHOIS data by bots that automatically scan such records and send out phishing e-mails in massive quantities.

It's worth noting, however, that WHOIS privacy does not provide protection against such attacks: e-mails sent to a generic privacy e-mail address will be forwarded to your account's primary e-mail address, as required by ICANN. The hacker doesn't need to know your real e-mail to launch an attack.

 

[ivey]

Why email Godaddy?? I just call them for everything..Especially when it's this urgent; you want them aware immediately, not when someone finds your emails. Anyway, i hope you get your name back as soon as possible. I am confident you will. Maybe Godaddy should do a phone verification or confirmation before a transfer and not just email, just in-case an is hacked.

 

[Acroplex]

Statistically, incidents happen more often at GoDaddy due to its sheer size as the largest domain registrar. This is not related to security. Once you get tricked into supplying your account credentials to a form that mimics GoDaddy's log in page, you are done (unless two way authentication is turned on.)

GoDaddy should:

1. Drop the SMS option for the globally available Google Authenticator, e.g.Uniregistry uses it
2. Make the two way authentication the default method of accessing one's account.

 

[DnEbook]

here where? Escrow? Or NP?

It was a payment bill for a domain i did not buy

 

[DnEbook]

I have never knowingly clicked on a link in an email, i am well aware of the scam and have it on record that i contacted godaddy about this, it is in my sent emails folder and is dated the 4th of december, it requested to be put on record that someone was trying to scam my godaddy login [email protected] ?????? Trust me i did not fall for that

Please Be Aware

To: [email protected]






Someone is trying to scam my details ........ they obviously want the numeric domain of 6462, i will be blocking this email address but want this attempted fraud on record , rod seeber
~
From: GoDaddy ([email protected]) Microsoft SmartScreen classified this message as junk.
Sent:Wednesday, 3 December 2014 7:08:03 PM
To:spaceroddy ([email protected])
Microsoft SmartScreen marked this message as junk and we'll delete it after ten days.
Wait, it's safe!|I'm not sure. Let me check


As of Dec 1, 2014, the Internet Corporation for Assigned Names and Numbers (ICANN) has mandated that all ICANN accredited registrars begin verifying the WHOIS contact information for all new domain registrations and Registrant contact modifications.

You have registered one or more domains from Godaddy Inc. and verification of the Registrant email address is required for these domain name(s) to remain active. Please click the link below to verify the email address. You have until 01/01/2015 to verify this email address. After this date, the domain name(s) will be suspended until the email address is verified. please cut-and-paste the following URL into an open web browser to complete the verification process:

service-godaddy.com/raaverification/verification/VerificationCode=EFEE26A4-32C3-473E-8A5B-FE9415411864

Once you click the link, your email address will be instantly verified and there is nothing further for you to do on the following domains:


-6462.com-



Sincerely,

GoDaddy Inc.

 

[Acroplex]

Rod, sent you an email. About the scam/phishing domains impersonating GoDaddy see http://domaingang.com/domain-news/caution-godaddy-enom-phishing-sites-used-domain-hijack-attempts/

 

[vdonline]

http://www.whois.com/whois/service-godaddy.com

Did you click the link?

 

[vdonline]

And how it's possible??? From: GoDaddy ([email protected])

 

[DnEbook]

of course i did not click any links, why do you think i contacted , thanks Acro i will read it soon, i am currently putting together a screencast of the whole incident

 

[Acroplex]

And how it's possible??? From: GoDaddy ([email protected])

The "from" email is forged. If you post the full email headers we'll see where it was posted from.

 

[DnEbook]

Thanks Acro !!

 

[NameOmnia]

This is getting really bad and I am upset that GD is not doing anything to fix this, at leas it's how it seems to me.

Falling for a phishing email that poses as GoDaddy, asking you to click and verify your account; it takes you to a web page that looks like GD's. You enter your username/password and it's captured. Simple as that.

As far as I know they can only steal your email and password if you actually enter them in the fake GD emails.
The real ones have an auto verification where you don't have to enter any. Am I wrong?

Also, even if they steal your email or password, shouldn't you receive an email for every change that occurs to the whois details of your domains? That's what has always happened with mine.

 

[forge]

FOR CRYING OUT LOUD please DISABLE that link you posted above containing service-godaddy dotcom!

It's potentially a malicious site

 

[forge]

Rod, sent you an email. About the scam/phishing domains impersonating GoDaddy see http://domaingang.com/domain-news/caution-godaddy-enom-phishing-sites-used-domain-hijack-attempts/

Rod commented on that very article on the 6th of December. Weird, coincidence.

 

[DnEbook]

Dear Santa ........ (see below)

http://www.youtube.com/my_videos_annotate?video_referrer=watch&v=lwURGMvKaV8

 

[forge]

wtf????

-edit-
unless I'm missing something, the youtube link for me doesn't work.

 

[DnEbook]

wtf????

It's called 'Putting it out there' ..... for the world to see