alert [RESOLVED] - Scammed by hacker $3,000 btc pornography.com affiliate.org etc

[Investful]

The sale thread is in another forum.
https://bitcointalk.org/index.php?topic=1722533.msg%msg_id%
and these domain were also listed on hackforum and flippa.

I bought 2 domain from him, paid ~3k in bitcoin.

It went smoothly initially, he actually went first(I thought nothing could go wrong) transferred the domain into my account, and gave me a week to pay it off. A week later, I paid in full.

But few days later, I get a message from the domain company "namecheap/enom" telling me those 2 domain has been "Locked due to pending Transfer Dispute".

send payment to address:
1J8moCzzRg6rdoGv1aqoPJCqrkXhocwNtT
1NmBxpMrY1wqKsWD8HK6n9ZQF6WP5povFK
17An4YMbWeXhkg7nnPumdrgHSgVeut1jbY

Here's are the list of stolen or his domains(how does owner of $100k+ domain not have strong account security).
pornography.com
lurking.com
schoolteacher.com
automating.com
disturb.com
overpopulation.com
affiliate.org
affiliatemarketing.net
TMZA.com

many of these domains were listed in flippa.com a week back.

 

[Jv1999]

Please don't keep trashing Bitcoin. Bitcoin offers one of the best and safest payment methods if it is used properly. It wasn't Bitcoin that was the problem here. In fact the payment went through a Bitcoin mixer, but I'm not sure how you can discover this before you make the payment.

PayPal is the scammers chosen method of payment, and Bitcoin offers a way to escape from this, and at a lower price. Would escrow have worked in this case, if the the payment was released after a succesful transfer that was subsequently reversed.. A time delayed multi-sig Bitcoin payment would have been safer if the seller was prepared to wait. Obviously he wouldn't in this case.

Obv, if you're a seller don't trash btc

but if you're a buyer, trash btc,

you can't be one-sided about this. PayPal offers buyer protection, btc doesn't.

 

[MANNYKURSH]

Bitcointalk.org is runing by iresponsable people.. they will ban your account for nothing but they will never ban the scammers...everydays we scam ppl up to $20.000.. we should report this site to the Top online site scams used by criminals. now i know my account will ban forever....

 

[Kuffy]

Bitcointalk.org is runing by iresponsable people.. they will ban your account for nothing but they will never ban the scammers...everydays we scam ppl up to $20.000.. we should report this site to the Top online site scams used by criminals. now i know my account will ban forever....

Just stick to the technical boards, and ignore the ponzi and gambling boards then.

 

[eurorealtor]

Speaking of escrow service, do you guys know a few trusted ones?

escrow.com, Sedo, eCop

 

[usernamex]

wow, so you did manage to get 2 names for $3K? )
Which of the list were they?

t m z a and automating, is my deduction

 

[usernamex]

So they were not stolen? The seller actually owned them? But tried to steal them back anyway? That's where I got lost in the thread, the bitcoin discussion makes it scattered to follow.

That is like winning the lottery, a great prize for all the hassle and anguish you must have gone through!

 

[wayne wooldridge]

From what i understand, buyer purchased 2 domains (tmza dot com and automating .org) from external forum, using bitcoin, both for 3k purchase price.

The seller transferred the domains upfront; but when payment was made to seller, the seller made claim to registrar that the domains were stolen to get them back and make off with domains plus cash.

Please someone correct me if I'm wrong.

 

[lock]

I saw pornography dot com somewhere advertised recently thought it was cheap but a lot more than that.

 

[Domains - Wanted]

...Would escrow have worked in this case, if the the payment was released after a succesful transfer that was subsequently reversed...

YES, it would help a lot. There would have been a clear record (read: proof) of payment for the domain(s) in question to the very same party that pushed/transferred them.

 

[Domains - Wanted]

...I assume that the party who pushed the names set up a false id, and this wouldn't have helped with escrow.

I disagree. The buyer would have paid to the intermediary (escrow) company. Escrow would have forwarded funds to the same party that pushed/transferred the domain. All nicely documented by the escrow intermediary. Hence, no way for this particular scam to succeed with escrow.

 

[Domains - Wanted]

Have I missed something here? I thought this was the sequence -

Sorry, I was referring to a model escrow transaction, not this particular scam where there was no space for escrow.

 

[Investful]

How would someone use escrow if the scammer went first, gave me the domain without me paying a penny to him, just by showing him my real name/id/address. I know red flag from hindsight.

Another point, I had the domain secured under my account safely for more then a week~, without any dispute complain during that time, that's why there's 3 different payment in span of a week. It happen just after I paid in full.

According to whois information, the last update date was,
Updated Date: 2016-12-03T02:45:13.00Z
and sale thread date was 12/20/2017
and I bought it in 1/15/2017, and finalize payment sale in January 22, 2017.

The domain was in my hand for a week, and scammer had the domain for a month+. How does namecheap/enom and the original owner have so low of security for 100k+ domains list. 2 months? if any longer the thief would had secured the domain?

 

[Kate]

Indeed the problem here is lack of due diligence. BTC makes it more difficult to trace the money to the person behind this scam.
I'm all for anonymity but it's less acceptable for large business transactions.

Where are the original owners of the domains ? Are they even aware of what's going on ?

 

[MasterOfMyDomains]

Actually Bitcoin is not as anonymous as people think. because everything is recorded on the blockchain foir public inspection. It's even less anonymous if you register your address in various places, which is what I have done. It would be a simple matter for anyone to track a payment back to me.

This case was a bit different though, The scammer ran the payment through a mixer. A mixer is a site that takes a load of payments and splits them and jumbles the bits. It then pays the scammer with some of the bits that have come from various sources. It isn't possible to track the payment through the mixer.

If you are paying a large amount in circumstances such as this one, you should verify the address of the recipient, or use a multi-sig with a trusted third party.

BitcoinMixers?
Nope wont use paypal either
Sedo looking better every day

 

[ison]

Please reprt this to one of the global moderators there. to stop others being scammed.

I started a thread in Meta that links to this thread.

Just recently, a staff and a global moderator there tried to extort a member (he would later claim it was a sting operation to expose a criminal - irony at its best). Anyway, after being exposed, it took days before she/he was stripped of his/her positions - and even then, only after people started asking why Theymos wasn't doing anything. The person's account remains pristine though. In fact, the only sure way to get banned there is to dox Theymos.

 

[hostnesta]

I only purchased 2 domains from that list.

The signs were all there, I got caught off guard when the scammer went first.

Without me paying a penny, he pushed the domain into my account and gave me a week to gather the bitcoin and to pay it off. I thought it was secured under my account since it's been there for a week, so I paid him in full.

But few days later, I get a message from enom/namecheap about this 2 domain under "transfer dispute lock" and under investigation by risk department.

The new domain transfer policy by ICANN now creates this lapses as it has to be confirmed by both parties.
I am sure that was still within the window period up for any changes or challenge.

 

[Investful]

Does pending transfer dispute mean, the last owner filed a theft dispute?

I'm not sure, but all the domains are currently registry locked(so can't transfer out or change info) and the status is under investigation by enom risk department.

wheres the risk department when the hacker login and out from 12/3 to 1/28(about the time when registry lock) occurred.

 

[RBCDNs]

Another red flag, no one push domains first without securing payment.

This is where making use of an escrow service becomes even more relevant. Speaking of escrow service, do you guys know a few trusted ones?

 

[RBCDNs]

escrow.com, Sedo, eCop

Thanks, I appreciate the info!

 

[RBCDNs]

NP member @Brandon Abbey is now at Payoneer.com
Check them out.

Peace,
Cyberian

Thanks, I appreciate the info!

 

[SuperDudePro]

Could someone do a review/summary of what we think happened here and how? I'm kind of lost, but I'd like to understand.

 

[SuperDudePro]

From what i understand, buyer purchased 2 domains (tmza dot com and automating .org) from external forum, using bitcoin, both for 3k purchase price.

The seller transferred the domains upfront; but when payment was made to seller, the seller made claim to registrar that the domains were stolen to get them back and make off with domains plus cash.

Please someone correct me if I'm wrong.

So it was the seller who tried to steal it back? Not the rightful owner? And we're assuming that it was an email hack/id hack?