NameSilo

[RESOLVED] - Domain Name Stolen...A Horrible Story and a Warning...

Located in General Domain Discussion started by Dustie, Apr 17, 2019.

Replies:
519
Views:
23,946

  1. Ostrados

    Ostrados Entrepreneur VIP

    Posts:
    2,202
    Likes Received:
    397
    Wonderful story.. I am glad we have a happy ending here. I really admire @maxtra cooperation to resolve this issue.

    But still this is a very curious case that deserves more investigation. The Afternic manipulation theory is the most probable explanation and a very scary one! anyone can add your domains if they are not listed at Afternic by you and then manipulate your domains prices if your domains are listed at Godaddy marketplace. I noticed that Afternic adds my domains without any verification, I know that because whois info for all my domains are private, in Sedo I need to add TXT record to verify ownership for each domain, while at Afternic I am not required to do that, how do they verify my domains without whois and without TXT record is something I always wondered about. I think they just add domains without any verification which if true is a big loophole with the size that an elephant can go through.

    You still need to accept Afternic's fast transfer for this loophole to work, but considering that Godaddy is Afternic and in case the buyer and seller are both at Godaddy, then there is a possibility that fast transfer is not needed in first place for the OP scenario to happen. I hope that this is not the case and i hope that @Joe Styler investigate this more and tell us if this is possible.
     
    Last edited: Apr 19, 2019
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. carob

    carob Top Member VIP ★★★★★★★★★★

    Posts:
    3,483
    Likes Received:
    4,316
    It's even worse than that, as reported in the Aftenic bugs thread:
    https://www.namepros.com/threads/problems-bugs-and-fixes-at-afternic-report-problems-here.1006373/

    Basically people found their listings at Afternic kept getting removed and appearing in another account. What came out is there are Afternic "superusers" who can just upload a spreadsheet with any domains they like and that will overwrite existing domain entries. So these superusers as far as I know still exist and can override even prices of domains you have already listed in your account at Afternic.

    Godaddy never fix anything at Afternic, but really there should be a way to disable fast transfer there (there is at Sedo). When I asked I was told the only way to do it was download a spreadsheet of all your domains and settings, then delete all domains at Afternic, then upload the spreadsheet again and so fast transfer would be disabled by default on all those now newly listed domains. The problem there is a sane person would then have to check the painful 50 item-per-page-by-page entries to be sure the spreadsheet had uploaded ok. Another case of GD offloading pain and inconvenience and risk onto customers instead of spending a bit from their huge profits to fix basic problems at source.
     
    Last edited: Apr 19, 2019
  3. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    [​IMG]
    [​IMG]

    DUSTIE.COM IS HOME SAFE AND SOUND AND SHE'S RESTING PEACEFULLY WITH ALL HER DOMAIN NAME FRIENDS![​IMG] [​IMG]
     
  4. maxtra

    maxtra Let's make a deal Gold Account VIP

    Posts:
    4,413
    Likes Received:
    2,586
  5. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    Sorry...guess I thought it was worth repeating! LOL... AND IT IS!
     
  6. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    @Dustie - Congrats! A bit of a change from your first post :)
     
  7. Abdullah Abdullah

    Abdullah Abdullah Top Member Epik.com Staff VIP

    Posts:
    2,622
    Likes Received:
    2,853
    Now change the nameservers to the hosting you had some your old email will work. Also enable 2FA verification on your GD account.

    Congrats and salute to @maxtra and @MapleDots .
     
  8. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    Stub, you are so right! I never in a million years thought anything like this would happen when I posted that first post. At that time I just new that the name was gone for good. I just wanted to warn others of, what I thought was domain theft, and instead found Matrix and MapleDots and all of you and got my domain back! We are all made whole and it's been one HELL OF AN AWESOME JOURNEY!
     
  9. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    Abudullah... I have already enabled 2FA. Can I have both [email protected] and [email protected] come to the same GoDaddy 365 Email account? I've been changing it all over the place and now want to use both emails.

    Can anyone explain the Locking system that's been mentioned in here? I don't have Wordpress though?
     
  10. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    You don't need the locking system if you don't have WP. It's specific to WP. Which if it isn't constantly updated, both WP & the Apps, then it can lead to vulnerabilities in the future. You can sleep tight with 2FA, provided you are not prone to losing your phone.
     
  11. Abdullah Abdullah

    Abdullah Abdullah Top Member Epik.com Staff VIP

    Posts:
    2,622
    Likes Received:
    2,853
    I dont know about your email setup but I think a catchall can be made. 365 email is from Microsoft and you can ask both GD and Microsoft support as GD links to this site https://officeactivationsetup.com/

    Edit: I actually asked the guys at that link I shared as they have live chat and they said yes, it is possible.
     
    Last edited: Apr 19, 2019
  12. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    Oh No! I'm on my 5th phone inside of two years. One is at the bottom of an Alligator infested lake, one got soaked in my pocket at another lake, one got run over by a car, one got lost and now I'm on number 5. What happens if I lose my phone???
     
  13. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
  14. BrandCougar

    BrandCougar Upgraded Member Gold Account VIP

    Posts:
    841
    Likes Received:
    1,422
    Hi @stub -

    I agree.

    But wouldn't it be a solid response by GoDaddy and demonstrate a huge amount of credibility if they did!

    We are not talking about "confidential information" for Dustie's account - we are simply talking about timestamps of certain events that have been discussed extensively in this thread. And also want to know how this $450 price point was implanted. If GoDaddy says "we don't know" then we are F'kd - as this is a Risk Management issue that deserves a specific Root Cause analysis and result..

    And not a single one of those dates are "Top Secret" (nuclear code) type data points. They are only date stamps and event time stamping.

    The problem I have with how this is playing out - is their is too much jubilee at the moment about the name being in the transfer mode back to Dustie- and not enough effort is being made to get to the ROOT CAUSE of this problem.

    This ROOT CAUSE is super important to all of us that have a GoDaddy account. And sugar coating a dog turd does not make it a Babe Ruth bar!!

    Meaning - the fact that good will is being exhibited to return the domain to Dustie is terrific and admirable, but damn - let's get real here - something happened that caused this cluster of a mess - and simply sugar coating it by saying "we found no issues" is too simple and generic a response.

    Every communication I have ever had with Joe has been super professional. He is focused and responsive to NamePros members questions. Thank you! But this is an opportunity for GoDaddy to shine! With full transparency on a topic that at the moment is quite public and concerning.

    This thread demonstrates there is an undercurrent (undertow) feeling about this situation. Why not provide full transparency to the reasonable questions I asked in my earlier post. If "VP" level GD employees were involved, they must (or at least hopefully) had data provided to them for them to draw their conclusions.

    This is a perfect moment for GoDaddy to shine. I am not asking for Trade Secrets or "Proprietary" information. Just asking for a simple timeline of events based on their raw data findings.

    And if someone says.... "they found nothing unusual"... then why not published the data and share the data they used to render that opinion!

    Let us... as domain investors... render our own conclusion!!

    We aren't a stupid lot and many of us have operated multi-million dollar businesses and have had to participate in Risk Management exercises / Root Cause analysis & exploration.

    -Cougar
     
    Last edited: Apr 19, 2019
  15. Abdullah Abdullah

    Abdullah Abdullah Top Member Epik.com Staff VIP

    Posts:
    2,622
    Likes Received:
    2,853
    Did you setup the 2FA with SMS or Google Auth? With SMS you just need to have the SIM/number, but with GoogleAuth, YOu will need to have access to that app as it will generate secret codes that change in every 30 seconds.
     
  16. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    It's a hassle in more ways than 1. I haven't had to go thru that at GoDaddy. But for sure you cannot log into your control panel or do renewals and stuff. Until it's fixed. I have 1 phone sitting on my computer desk, specifically for domaining. It never leaves the house. Even that can be a problem, because if it doesn't get used the sim card expires :(
     
  17. BrandCougar

    BrandCougar Upgraded Member Gold Account VIP

    Posts:
    841
    Likes Received:
    1,422

    @Ostrados -

    Exactly!!

    -Cougar
     
  18. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    Whilst I agree with everything you are saying. It's never going to happen because their investigation found no problem with the sale, and they refused to intervene. They let the sale stand. Anything concerning the return of the domain was entirely between the buyer and the seller.

    Do I believe this is the actual case? Well.... nooo :) Do I believe they did not find any evidence to intervene...It's possible. But they are never going air their dirty laundry in public. Much easier to say they found nothing wrong with the original sale. When they already know the 2 parties have already agreed on a remedy.

    Everything Joe has been doing is purely for good customer relations. Over Easter. When he probably should be at the beach with the family :)
     
    Last edited: Apr 19, 2019
  19. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    Cougar, I am satisfied that GD did all they could. They dated the change from 20,000.00 to 450.00 around the same time I actually did make some price changes to some of my domain names, and they found no unwanted or untoward "trespass" nor could they find any glitches or errors. They never mentioned the price changes noticed by the tech guy when I was on with them after the name sold.

    I did run into some GoDaddy error pages that day I was making changes. They would say something like "This page is not available now...Please try back later". Finally I just gave up and went onto something else. They looked for evidence of those to see if that might have had something to do with what happened, but found nothing. So, in the long run, they had no choice but to surmise that it was through no fault of theirs that this happened. They didn't say, but I know from their end it looked like I'd made a mistake on my part. All I can say is, if it was my mistake, it was certainly one doozy of a mistake!

    I didn't post more then just a synopsis of Joe's emails here, because I felt that if Joe wanted to share his emails with everyone, that would be up to him, not up to me. Hope this helps...
     
  20. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    @Dustie - We are all very happy that it worked out so well for you :) Because if it had not been because @maxtra was a NP member, and GD not finding anything wrong with the sale. Things would have looked awfully different :(
     
    Last edited: Apr 19, 2019
  21. BrandCougar

    BrandCougar Upgraded Member Gold Account VIP

    Posts:
    841
    Likes Received:
    1,422
    >> But they are never going air their dirty laundry in public. Much easier to say they found nothing wrong with the original sale. When they already know the 2 parties have already agreed on a remedy.


    @stub -

    I agree.

    And this is the "Babe Ruth" bar I'm taking about. It's sugar coating a turd!!

    It's admirable what has happened and the good-will offered by several NamePros members, but we have become enablers!

    We have let GoDaddy off the hook, basically enabling them to wipe their hands of it too easily, and should ask (demand) a higher standard.

    I have no ill will with Joe. He's a top shelf guy! And I appreciate each and every time his is involved.

    But the problem I have is we are investing cash / our hard earned funds - and trading in domains.

    A financial institution is held to a a fiduciary responsibility. Why are we accepting this as "okay".

    My basic point - this WILL HAPPEN AGAIN if the Root Cause is not fully investigated and data results publicly reviewed/scrutinized.by industry lay.

    And the next time it happens, the receiving buyer might not be so generous!

    I am not crying wolf here... or the sky is falling... I am merely a business person intelligent enough to interpret data and draw my own conclusions.

    As is every other person on this thread!

    I am passionate about this topic because I've spent a career sifting thru the mud of Educational Testing Fraud, Check Fraud Detection, Check Clearing Risk Management, Acquisition Due Diligence, Inventory Audits, Retailer Fraud, MAP Pricing Deviations, and a pile of other (not so glamorous) Employee "Red Flag" behavior.

    Yes - this is a hot topic for me - because I (like you) have my money invested in these products.

    And I don't like flying blind.

    -Cougar
     
  22. BrandCougar

    BrandCougar Upgraded Member Gold Account VIP

    Posts:
    841
    Likes Received:
    1,422
    @Dustie -

    Thank you for your response.

    Did GD specifically indicate that the "change request" from $20,000 to $450 was specifically tagged as having been initiated from your GD panel?

    Please advise.

    -Cougar

    ps: Yes, like Stub mention, I am happy you have your domain back...Congrats! But if we don't have a perfectly clear (and documented reason) for how this transpired, we are naively flying blind. Thanks.
     
  23. stub

    stub Top Member PRO VIP ★★★★★★★★★★

    Posts:
    23,884
    Likes Received:
    9,245
    The best we can do is to take note of what has happened, and act accordingly. If we believe this is a fault of their system. Then it behooves us to remove our domains from Godaddy's Registrar. Which I did a long time ago. So I reject any accusation of being complicit, or an enabler here.
     
  24. tonyk2000

    tonyk2000 Top Member VIP ★★★★★★★★★★

    Posts:
    1,234
    Likes Received:
    1,530
    @Dustie please do not forget to check domain contact details. Limited public whois shows the following:
    Registrant State/Province: WA
    Registrant Country: US
    Other details: <hidden from public view>
    It was the same yesterday.
    So, either both @Dustie and @maxtra reside in WA/US, or the domain still has old ownership details (even being now at home with an original account).

    And... congratulations! :)
     
  25. Dustie

    Dustie Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    332
    Likes Received:
    316
    I don't know which way it was set up. I simply set it up by clicking the link in Godaddy to set it up.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...