discuss [Resolved] Domainer Loses $26k On A Stolen Domain!

[DaveX]

Darn! Another scam and this time it is an experienced domainer James Booth.

James must have thought he was making a sound acquisition as he transferred approximately 26k to escrow for CQD.com. Instead, after completing the escrow, the domain was taken from his account by the registrar without notification and returned to the "true" owner.

Turns out the person that sold him the domain CQD.com, may not have been the true owner.

Apparently this incident involves several parties including the registrar and the escrow.


Thanks to Theo over at DomainGang for the tip on this.

 

[Grilled]

March 8 - Email sent from Rebecca Burns to James, to which James replies.

I find it hard to believe Rebecca sent the first email in that string. But maybe. I'll ask Rebecca when the weekend is over.

To clarify, I believe she sent that email, but I suspect there may be other emails before that.

 

[BrandMart]

I wonder if her netsol is open any more.

NetSol is turning out to be Florida Man!

 

[BrandMart]

I find it hard to believe Rebecca sent the first email.

I agree to that.

• Message Details:

• • Name Rebecca Burns
  • Email [email protected]
  • Subject CQD.com
  • Message james, you stole my domain when it was purchased through escrow.com by you through a person not authorized to sell it, and with zero affiliations to me. It was a hacker who fraudulently conducted business with you. I have worked all my life, and owned this domain for 22 years. it is my business. Please return it to me. I did NOT receive any money. The "seller" was not me. This will ruin my life. i have been crying all day over this. PLEASE DO THE RIGHT THING AND GIVE IT BACK TO ME. As God is my witness to do the right thing you will be rewarded 10 fold. Just as if you do the wrong thing you shall be punished. Colossians 3:25 Whoever does wrong will be repaid for his wrong, and there is no favoritism. I was never contacted. I was not a part of this transaction. I am a victim here. I would appreciate your acknowledgement and return CQD.com to her rightful owner. I created her. She is like my child and she is worth way more than what you spent, you know this. -Rebecca Burns ComQuest Designs 352-870-5282

• Sent on: 8 March, 2018

This looks like a reply to an email.

 

[equity78]

CQD.com owner should be following the playbook used by MLA.com

They have a lot in common,

Graphic design firms
In their 50's
Saw their 3L as a retirement nest egg

https://www.thedomains.com/2018/04/...ld-be-following-the-playbook-used-by-mla-com/

 

[DNWon]

Some pointers from email:
March 8 - Email sent from Rebecca Burns to James, to which James replies.
The above shared Email doesn't show any indication of CC / BCC towards Zak or David.

March 9 - Rebecca Burns replies / emails to James & Zak
(Who is Zak? How did Rebecca Burns know Zak's email id?
She obviously threatened him.

Easy there late-comer @BrandMart:

All this proves is that James was Blind Carbon Copying his lawyer, which we believe to be (but not confirmed) Zak Muscovitch, whom we think petitioned Web.com (Network Solutions) to return the CQD.com to James account because he had an Escrow.com receipt and the thief had moved the domain from Rebecca's account to James account, so they could get paid, prior to Rebecca having this reversed.

And the below is not even close to being a threat! I would know, I'm from New Jersey!

"i am the neice of law makers. sometimes it’s not what you know but who you’re related to."

 

[xynames]

I think we're beating a dead horse here. James Booth knew what he was doing and by that I mean he knew that he was getting into a murky situation and went through with it anyway. He claims that he did all this "due diligence" - why? When I buy a domain all I do is make sure that I receive an email from the WhoIs. Why did he go to all the lengths he claims he went to unless he knew something was fishy about the matter, such as, for example, the price.

And then we know that another domain buyer, previously, passed on the deal, because he suspected that the domain was stolen. With all the due diligence Booth was supposedly doing he couldn't have unearthed this prior deal?

And again, on the other side of the coin, we have Rebecca who, if this timeline is to be believed, should have been more diligent about all this and clamped down the hatches after the first time the domain was stolen or almost stolen. Or at a minimum, if Booth is to believed at all, after she stopped receiving emails for months at the domain's WhoIs email (because someone had supposedly hijacked her email).

The whole thing's...unclear...other than that there is at least some blame on both sides.

 

[equity78]

I think we're beating a dead horse here. James Booth knew what he was doing and by that I mean he knew that he was getting into a murky situation and went through with it anyway. He claims that he did all this "due diligence" - why? When I buy a domain all I do is make sure that I receive an email from the WhoIs. Why did he go to all the lengths he claims he went to unless he knew something was fishy about the matter, such as, for example, the price.

One of the better points made in 42 pages.

 

[offthehandle]

Has anyone made an exact chronology of calendar dates of what happened according the emails and paper trail? Or at least was reported to have happened here? When CQD.com was first stolen, when first sold, when sold the second time by the alleged hacker, the date it was removed by NS. The recovery date I recall seeing in the first few pages.

This is up to 1026 posts. Thanks.

 

[tonyk2000]

So we have at least 2 precedents that are favorable for Rebecca: Express Media v. Express.com (mentioned by mr. Berryhill on page 9) and mla.com case.

Current registrants attorney is no doubts aware of both, so it would be extremely interesting to follow this case in court - how exactly he will try to defend the current registrant.

Are there any precedents where a buyer of a stolen domain was allowed to keep his purchased domain?

So far I found only the following hint -

The law suit will also take years to resolve.

It is not obvious that the current registrant, being British citizen and Singapore resident (and not a lawyer), is necessary aware of the time frames required to resolve law suits in US/Florida courts. Somebody, such as his attorney, might have clarified this to him. If so, this may also show what will happen in future - delays, delays... inspired by the current registrant. Requests to dismiss the case due to formal reasons - such as claiming that the domain is not a property if Rebecca claimed that it is, or requests to send the case file to Singapore, etc.
Rebecca should be prepared.

 

[Kate]

Are there any precedents where a buyer of a stolen domain was allowed to keep his purchased domain?

Plenty...
It's very hard to recover a name once it's been stolen. Unless it's a well-known domain and the case is publicized a lot. But if you are a Mr/Mrs Nobody you're on your own and nobody is going to be in a hurry to rectify the wrong.

The thief is usually going to flip the name fast, so by the time the victim realizes what happened the name may already be in the hands of somebody who bought it in good faith.

Sex.com was stolen many years ago and it was an ordeal to get it back - a whole book was written about the story.
Another case that veterans (and @TheLegendaryJP in particular) will remember:
Five Years in State Prison Awaits Convicted Domain Thief Daniel Goncalves - Who Wants to Be Next?
Note that one of the victims was a former US Justice Department prosecutor and yet he struggled a bit because this kind of crime is fairly unusual for the courts.

I don't have stats but my impression is that stolen domains being returned are more the exception than the norm. Earlier I quoted two recent WIPO rulings filed in order to recover stolen domains, both were denied.

Legal action is costly. Even if the domain is valuable you have to pick your battles carefully.

To put it simply, if the thief cannot be identified and prosecuted, and the money can no longer be recovered, then each of the remaining parties will likely fight to defend their own interests. It is an ugly situation where everyone is a loser.

 

[offthehandle]

Unless it's a well-known domain and the case is publicized a lot.

That’s what was suggested earlier, get it into the mainstream news. I don’t think that anyone could lose on that, and perhaps the thief will be caught and prosecuted like in that DNJ article you posted.

I see @equity78 posts and CQD.com articles rank immediately up on the top of google. Nice.

 

[Grilled]

Has anyone made an exact chronology of calendar dates of what happened according the emails and paper trail?

I think the first mentioning of suspicious activity (as we know it) occurred on September 11th, 2017.

on 2017/03/09 i reached the administrative email "[email protected]" and got this reply on 2017/09/11:

"
Hello,


This email address hasn't been accessed for a long time because it's full of email.


I am not the rightful owner of this domain name.


It's for sale and You should ask the owner at [email protected]


I will also forward this email to him now.


Becky

here is some more info, by trying to get access to this gmail account

note also that the registrant email address on the domain WHOIS (which can be the primary account email address on NS) changed to "[email protected]" on around 2016-08-13

After a bit of forensics, I had a hunch the recovery email address was [email protected]

However, as I don't have access to [email protected], I was unable to confirm the verification code.

Selecting "Try another way", will allow you to enter another (any) email, and google will send a new code there. However, upon verifying that code, I was not granted access. I assume Google has a number of security protocols to grant access to a secondary email, not previously affiliated with the account.

IDK... but I will keep trying to find the alleged hacker / thief...

 

[anantj]

As a side note, since mr. Booth knowingly elected to keep (allegedly) stolen property

When you yourself use the term allegedly, why then, without unequivocal proof should @BoothDomains return the "allegedly" stolen property without having the allegations proved in a court of law?

 

[Grilled]

When you yourself use the term allegedly, why then, without unequivocal proof should @BoothDomains return the "allegedly" stolen property without having the allegations proved in a court of law?

Why did allegedly @BoothDomains allegedly purchase an alleged stolen domain for allegedly $25k when allegedly Jack K. was allegedly presented an alleged cancelled escrow transaction screenshot that allegedly showed $19k?

 

[DaveX]

@Grilled Any updates?

 

[Grilled]

@Grilled Any updates?

I haven't spoke to Rebecca in a few days. I was planning on reaching out tonight to reconvene.

 

[winst]

Wow, I left for vacation for 1 week and this thread is now 42 pages!

It is likely that we will not learn the real details(if ever) because Network Solutions, Escrow.com, and James Booth are all following their lawyer's advise and keeping the details private.

I do sympathize with Rebecca. It has always been my pet-peeve when James, Escrow, NetSol all claim no responsibility because they all followed an "established system" with flaws. The reality is the hacker exploited the weakness from all three(or more) parties:

Network Solutions and various hosting and email companies: sloppy security, incompetent support staff (often make things up to please customers)
Escrow.com and James: verify ownership only via current WhoIS, never look at suspicious whois history or other activities (for most cases, there were no reason to).

 

[anantj]

Why did allegedly @BoothDomains allegedly purchase an alleged stolen domain for allegedly $25k when allegedly Jack K. was allegedly presented an alleged cancelled escrow transaction screenshot that allegedly showed $19k?

AFAIK, it was alleged to have been stolen AFTER he'd purchased the domain. Not before. Prove otherwise with hard evidence and not conjectures, theories and assumptions.

Your conjectured connection between Jack/Jake and @BoothDomains as well as assumption that someone with one of those two names is the buyer is at best a guess and at worse an incorrect belief. Until you can provide evidence proving this theory unequivocally, it does not hold any weight where it really matters, in a court of law and not the court of public (read namepros) opinion.

Personally, I don't like @BoothDomains especially due to their involvement in the shill bidding scandal at NJ (and a very very weak argument on that thread) and think their ethics are at a standard much below what they should be. And further still, I don't think offering to sell the domain to the previous registrant is a nice gesture (far from magnanimous as some have indicated it). I think their hands are not fully clean.

But, in this case, I don't think they should merely give the domain back without all facts available and judged by a court of law. For all I know, the person claiming to be the previous registrant either isn't or is misrepresenting facts. I don't know either and nor am I (or anyone on this thread) a judge in a court of law to pass judgement. Form opinions all you (you in the 3rd party) want but that changes nothing for either of the alleged victims. And consequently, as much as many folks here want him to return the domain, answer their insinuations/allgations/accusations/questions etc., it is either's choice to do so. And as it is "alleged" that the new buyer has retained legal counsel, pretty sure they'll listen to the counsel more than anyone else here despite calls and warnings to share evidence here.

He owes nothing to anyone here.

 

[Grilled]

Both these emails are being checked, and are opening new emails. But what alleged scammer wouldn't open an email with the subject offering $50k for each 3 letter domain

Does anyone think he/she/they are watching this thread?

 

[DNWon]

Does anyone think he/she/they are watching this thread?

I would say most definitely, as this was orchestrated by someone with a superior knowledge of the domain industry and it's security vulnerabilities!