alert [RESOLVED] - Scammed by hacker $3,000 btc pornography.com affiliate.org etc

[Investful]

The sale thread is in another forum.
https://bitcointalk.org/index.php?topic=1722533.msg%msg_id%
and these domain were also listed on hackforum and flippa.

I bought 2 domain from him, paid ~3k in bitcoin.

It went smoothly initially, he actually went first(I thought nothing could go wrong) transferred the domain into my account, and gave me a week to pay it off. A week later, I paid in full.

But few days later, I get a message from the domain company "namecheap/enom" telling me those 2 domain has been "Locked due to pending Transfer Dispute".

send payment to address:
1J8moCzzRg6rdoGv1aqoPJCqrkXhocwNtT
1NmBxpMrY1wqKsWD8HK6n9ZQF6WP5povFK
17An4YMbWeXhkg7nnPumdrgHSgVeut1jbY

Here's are the list of stolen or his domains(how does owner of $100k+ domain not have strong account security).
pornography.com
lurking.com
schoolteacher.com
automating.com
disturb.com
overpopulation.com
affiliate.org
affiliatemarketing.net
TMZA.com

many of these domains were listed in flippa.com a week back.

 

[Kuffy]

Have I missed something here? I thought this was the sequence -

The deal was negotiated and a price agreed.
The seller transferred the names to the buyer.
The buyer verified that the names were safely in his account, and started to use them.
The buyer sent the money to the seller.
Some time later, the buyer was told that the names were stolen, and they had been removed from his account.

I thought that escrow paid out as soon as the buyer verified the safe receipt of the names. Up until this point the buyer hadn't paid anything. So the payment by the escrow company, and the payment by the buyer would have happened at the same point in the transaction. Hence my comment that escrow wouldn't have been any help. Of course, if the escrow included an element of insurance, then there could have been a claim on that, but that is a different issue.

 

[Domains - Wanted]

Actually Bitcoin is not as anonymous as people think. because everything is recorded on the blockchain foir public inspection. It's even less anonymous if you register your address in various places, which is what I have done. It would be a simple matter for anyone to track a payment back to me.

This case was a bit different though, The scammer ran the payment through a mixer. A mixer is a site that takes a load of payments and splits them and jumbles the bits. It then pays the scammer with some of the bits that have come from various sources. It isn't possible to track the payment through the mixer.

If you are paying a large amount in circumstances such as this one, you should verify the address of the recipient, or use a multi-sig with a trusted third party.

Fascinating. And utterly incomprehensible. I'm old

Seriously, thanks for your insights, shorthand that they are. Guess it's time I catch up and make friends with this Mr.Bitcoin...

 

[Kuffy]

I think if you are honest, there is no disadvantage in posting your address publicly. This means that if someone is impersonating you, they can't verify the address they use. For the record, I associate this address with my Jet Cash persona.
167YShzmzSRZcfoFjAv8JBx31v6DwGwCtt

That's the one I will be using to accept payments for domain sales.

Some people suggest that you use a different address for every receipt, but I think that overcomplicates things. I have got other addresses for savings, so there isn't much associated with that address of mine.

Maybe it would be useful for NamePros members who use Bitcoin to register their addresses in a thread here.

 

[creataweb]

Simple, don't use scammy sites like the one mentioned above. Always think hard and be careful with what you're doing online.

 

[wayne wooldridge]

What I don't understand here is that where's the real owner of those domains. When those domains have been "handled" by that anonymous scammer for quite some time, the owner was sleeping all along? Didn't the owner ever receive any message or notification from Namecheap about the domain transactions? Could it be that there's some sort of "relationship" between the scammer and the real owner which allow the scammer to access the domains worth hundreds of thousands of dollars. There are just a lot of possibilities here. It's just shady!

It's also plausible that if the scammer had the original owners account credentials, he could mark any account alerts as "read", as well as control messages in his email account if he also had access to that.. It would then probably take awhile for the owner to notice any changes, especially if he has a large portfolio.

 

[Kenny]

Hope this helps, and sorry if I went overboard; I like puzzles.

Dude, nice work. You got skillz. Have you met @TheLegendaryJP ?

Peace,
Cyberian

 

[Kenny]

This is where making use of an escrow service becomes even more relevant. Speaking of escrow service, do you guys know a few trusted ones?

NP member @Brandon Abbey is now at Payoneer.com
Check them out.

Peace,
Cyberian

 

[Recons.Com]

Updates:

eNom/NameCheap closed the transfer-dispute and allowed me to keep the domains.

Domain is no longer registry locked.

wow, so you did manage to get 2 names for $3K? )

Which of the list were they?

 

[Investful]

eNom/namecheap risk department did an "investigation", and put those domain under registry transfer lock.

After the investigation, they just emailed and said sorry for wait and unlock the domains. They did not provide any details to me.

 

[Investful]

I only purchased 2 domains from that list.

The signs were all there, I got caught off guard when the scammer went first.

Without me paying a penny, he pushed the domain into my account and gave me a week to gather the bitcoin and to pay it off. I thought it was secured under my account since it's been there for a week, so I paid him in full.

But few days later, I get a message from enom/namecheap about this 2 domain under "transfer dispute lock" and under investigation by risk department.

 

[168]

I only purchased 2 domains from that list.

The signs were all there, I got caught off guard when the scammer went first.

Without me paying a penny, he pushed the domain into my account and gave me a week to gather the bitcoin and to pay it off. I thought it was secured under my account since it's been there for a week, so I paid him in full.

But few days later, I get a message from enom/namecheap about this 2 domain under "transfer dispute lock" and under investigation by risk department.

We may all have to check with the registry/who is when dealing with an unknown source prior to purchase in the future. these types of scams are becoming all to common.
Most transfers are subject to reversal for up to 30 days, so to all, keep this in mind when buying from an unknown source.
Even if paying in BC for this amount, use Escrow services ! (Scammers would likely say no to this raising yet another red flag)
Cheers
Cheers

 

[deez007]

Hmmm I wonder if you actually contact Namescheap and show them all the proof and give them copies and screen shots of the conversations that took place IF maybe they would be able to see that you have been scammed and then MAYBE they would unlock the domains and release them to your account... then you would be scr*wing the scammer properly cos you would essentially have domains worth $xxx xxx for $3k and he would be the one out of pocket. Win/Win situation if you can manage to convince Namescheap to play ball.

Worth a shot I'd say, sure it might not work but nothing to lose and plenty to gain...

 

[Kuffy]

I had a look at the thread on Bitcoin talk, and there are several red lights.

The poster is a newbie with no trust. That in itself is not a problem, but it does mean one should approach the purchase with caution.

Also, I notice that the seller does not have any negative trust entries. I would have thought that this would be the first thing to do. Please reprt this to one of the global moderators there. to stop others being scammed.

I started a thread in Meta that links to this thread.

 

[wayne wooldridge]

There doesn't seem to be much that can be done here. The names never belonged to the scammer.

Likely he gained access to the registrants account(s) and just put up the names for sell on a site where nefarious activity is allowed. All he had to do was find someone to take the bait, he transfers names, knowing he had nothing to lose.

Leaving the original owner of the domains to realize his names disappeared from his account. It's not the scammer getting the names back, but the rightful owner. The scammer is laughing his way to the bank while you are left holding the empty bag.

Sorry this happened, but it is very suspicious d someone would just transfer a name like that without payment. Live and learn...

 

[Kuffy]

I'll knock bitcoin. After reading this, i wont use bitcoin for any transactions until there is an xx,xxx sale in .men
Even if bitcoin is safe now, and it doesnt appear to be. Scammers will figure out different ways to scam with this invisible coin.
Sorry about your loss

and you would probably use PayPal - the scammers real friend.

You need to read about Bitcoin, and all the features that can be built into secure payments.

This fraud was not about Bitcoin, but about the vulnerabilities in doman name security and transfers.

 

[catchmesleeping]

Anytime I have the slightest doubt that a seller has 'hot' domains, I always verify the ownership history. In a case like this, trace it back to the last owner who held the domain names for an extended period of time. Call them or email them and ask what happened to the domain name.

 

[Investful]

Yes those were the domains I purchased.

 

[UmerK]

eNom/namecheap risk department did an "investigation", and put those domain under registry transfer lock.

After the investigation, they just emailed and said sorry for wait and unlock the domains. They did not provide any details to me.

Luck favors the brave Although no one including yourself would suggest doing such a thing with that many red flags, congrats and best of luck! You've got yourself nice enough names now to forget about the headache you had over last few months, cheers!

 

[Investful]

That's even more suspicious to me, lmao.

I did show him some proof of id, real name and address before he went first.

 

[premkumar]

I agree, Escrow definitely more safer, but according to this article
http://www.domaininvesting.com/escrow-and-aftermarket-platforms-dont-do-your-due-diligence/

" An escrow service is there to secure the funds and ensure a domain name transfer to the buyer, not to verify that the sale is legitimate."

The scammer went first, domain was transferred to me, and I had it secured under my account for a week to gather enough bitcoin to pay.

Escrow would only delay the transaction and give time for inspection. I don't think escrow do due diligence on domain to check if it's stolen.

The Advantage in Escrow is, if the person caught once they ban the account and he may not use it again. I have been once offered 3 character domain but he want paypal or bitcoin and he won't accept Escrow payment. On quick search he is well known hacker from UK lol. Escrow is better, Also transfer out domain especially to chinese/russian domain company is super. No account push.

 

[namezest]

That whois info is bogus not a real UK address.

 

[ison]

https://blockchain.info/ << Use this to trace BTC transactions.

You can try contacting Coinbase support team with proof and let them know what happened. If the recipient was using Coinbase, they might freeze his account.

Coinbase won't lift a finger without a court order.

Bitcointalk is not a place to buy domain names, it infected with scammers..
try to send Theymos a PM with proof..he can help you

Theymos will just ignore you. He is a libertarian extremist, and he believes in the warped definition of the 'free market.' He even rejects the concept of intellectual property. Even proven scammers are not banned from Bitcointalk, aside from a scammer tag.

There was a guy once whose account was hacked and sold (yes, Bitcointalk accounts can be sold). Theymos refused to return the account to the original owner, and instead blamed him for lax account security. It is worth mentioned that the account was resold for 1BTC (IIRC) by someone under the Default Trust list.

 

[Kuffy]

There is a proof of payment with Bitcoin. In fact the whole history of payments to a wallet are available for public scrutiny on the blockchain. I assume that the party who pushed the names set up a false id, and this wouldn't have helped with escrow.

It is also possible to register your wallet address in various places, and a careful buyer can reserch those. This is why I suggest that Bitcoin when used sensibly and correctly can be the best form of payment for domain names.

 

[MasterOfMyDomains]

I'll knock bitcoin. After reading this, i wont use bitcoin for any transactions until there is an xx,xxx sale in .men
Even if bitcoin is safe now, and it doesnt appear to be. Scammers will figure out different ways to scam with this invisible coin.
Sorry about your loss

 

[Kuffy]

Bitcoin talk is great for tech discussions, and opinions about Bitcoin and its prospects. Unfortunately there are a lot of sig spammers and promoters of ponzis and gambling sites. Use it for the tech discussions, and ignore the rest.