domains101
Established Member
- Impact
- 11
Hi everyone, ... story time.
Going back to January this year we had a 2 letter .com domain name stolen from a GoDaddy account. The intruder somehow gained access to the account and changed the registrant email, then initiated a transfer of the domain. As the transfer emails ended up in the intruders email by the time we noticed the domain was long gone.
We contacted GoDaddy about this and they passed the book 100 times and were really unhelpful. It even got to the point where they stopped replying to our customer support emails. We contacted an intellectual property lawyer who advised us to send a request for all account information including logins, account changes, and phone records. Upon requesting this GoDaddy contacted us shortly back saying they have started to transfer the domain name back into our account. And we did get the domain back, but strangely enough we didn't get the requested information.
We have heard that if you ring GoDaddy and try to pass security you get unlimited attempts. So you can keep guessing over and over again until you gain access. I am unsure if this is true. Also, I've heard that GoDaddy sometimes outsource work over busy periods and holidays etc which can lead to an inside job. Also unsure if this is true. Either way, to me it doesn't look very trusting of GoDaddy.
Now moving on...
Just this week the same thing happened to our enom account. Only this time it was 37 LLL.coms that were at risk. The intruder got access to the account and changed the registrant contact information then initiated the transfer of each domain from enom over to a chinese GoDaddy account.
Fortunately, we managed to catch it in time and block all transfers! Upon ringing enom they have gone silent and suggested that someone has hacked our work laptop, maybe?... I guess this is plausible but the computers are all up to date with security features such as firewalls, malware and virus detection software. And in both cases mentioned above the accounts were never once accessed via the same computer.
So my warning to you all, lock everything up as tight as you can get it! Enable two step verification where possible. Transfer domains to the most secure registrars (whoever that may be, please let me know!).
This method of stealing domains must be working for the scammers. We've been attacked twice and both times the transfers have started on the domains.
---
My other advice is sell everything and buy some land. At least a hacker can't come and steal it over night.
Going back to January this year we had a 2 letter .com domain name stolen from a GoDaddy account. The intruder somehow gained access to the account and changed the registrant email, then initiated a transfer of the domain. As the transfer emails ended up in the intruders email by the time we noticed the domain was long gone.
We contacted GoDaddy about this and they passed the book 100 times and were really unhelpful. It even got to the point where they stopped replying to our customer support emails. We contacted an intellectual property lawyer who advised us to send a request for all account information including logins, account changes, and phone records. Upon requesting this GoDaddy contacted us shortly back saying they have started to transfer the domain name back into our account. And we did get the domain back, but strangely enough we didn't get the requested information.
We have heard that if you ring GoDaddy and try to pass security you get unlimited attempts. So you can keep guessing over and over again until you gain access. I am unsure if this is true. Also, I've heard that GoDaddy sometimes outsource work over busy periods and holidays etc which can lead to an inside job. Also unsure if this is true. Either way, to me it doesn't look very trusting of GoDaddy.
Now moving on...
Just this week the same thing happened to our enom account. Only this time it was 37 LLL.coms that were at risk. The intruder got access to the account and changed the registrant contact information then initiated the transfer of each domain from enom over to a chinese GoDaddy account.
Fortunately, we managed to catch it in time and block all transfers! Upon ringing enom they have gone silent and suggested that someone has hacked our work laptop, maybe?... I guess this is plausible but the computers are all up to date with security features such as firewalls, malware and virus detection software. And in both cases mentioned above the accounts were never once accessed via the same computer.
So my warning to you all, lock everything up as tight as you can get it! Enable two step verification where possible. Transfer domains to the most secure registrars (whoever that may be, please let me know!).
This method of stealing domains must be working for the scammers. We've been attacked twice and both times the transfers have started on the domains.
---
My other advice is sell everything and buy some land. At least a hacker can't come and steal it over night.
