Sold a domain on Sedo & giving up private information

[NLP]

I'm posting this here in case someone has dealt with this before and can tell me if this is legit. I sold a ccTLD domain on Sedo and there has been a lot of paperwork to deal with. I sent them a letter authorizing the cancellation of the name from my registrar, and now they're asking for my GoDaddy PIN.

The transfer specialist says it's because GoDaddy needs to update the address on the Admin-C records to a German one in order to transfer it, and that they need my PIN for that.

I trust Sedo, but this strikes me as strange. I don't want anybody to have my Customer Number AND my PIN. It's too easy for them to impersonate me and get all kinds of other info out of GoDaddy.

My initial response was that I'd be happy to update the Admin records for them, if they sent me the new info.

Is this a normal request on their part?

 

[nielsencl]

Even if it is normal I would not do it.

German domains are weird. I had a couple and I don't think it could be transfered.

SEDO or the buyer should provide the information, or have you contact Godaddy to make the changes. A PIN should never be given out anytime, anywhere unless you are 100% sure you are dealing with Godaddy or the company that you set it up with.

It may be easier for SEDO to work like this to be sure the process works well, but what if they get hacked or the information gets out some other way?

Your response was perfect. You are clearly an experienced and professional domainer!

 

[mwzd]

Yeah, don't give your godaddy pin and account ID to ANYONE, no matter how much you trust them.

Would you give someone the keys to your bank locker just coz you sold them a gold ring?

This sounds extremely strange. .DE does have crazy rules, but this is ridiculous.

 

[NLP]

Thanks for the input. They immediately got back to me and forwarded the email correspondence from GoDaddy, which included the name & address of the updated Admin-C contact. I'm going to change it manually.

The whole thing about asking about the PIN seemed very strange - I don't know why anyone would give that information out. I'm even paranoid about the GoDaddy reps getting it, but I suppose you could change it on a monthly basis.

 

[nielsencl]

DID THEY PAY? An email from Godaddy could be faked.

Sorry, but I worry about other domainers...!

 

[NLP]

DID THEY PAY? An email from Godaddy could be faked.

Sorry, but I worry about other domainers...!

Did who pay? The seller's payment is already in escrow. The "email" was really just a comment posted by a Sedo transfer specialist in their internal system. Rather than send emails back and forth, they have a message board of sorts.

I would never respond to an email from GoDaddy asking for my PIN.

-------
On an unrelated note, is anyone else experiencing weird issues today with GoDaddy? I just received 60 emails from them regarding nameserver changes on .DE, .COM, .NET, and .ORG names, that I didn't request.

I have 3 account reps working on the issue to see what's going on.

I checked, and they're all still in my account. But I had most of those names pointed to Sedo, and now everything has reverted back to the original DNS. Anyone else noticed this?

 

[nielsencl]

No emails about DNS changes, but I didn't have someone asking for my PIN either.

The only thing I can think of for a DNS change like that would be if someone wanted to steal parking income and changed the DNS for that. Please update us when you find out what happened. Good Luck!

 

[NLP]

No emails about DNS changes, but I didn't have someone asking for my PIN either.

Please update us when you find out what happened. Good Luck!

The two things were unrelated, but because of the coincidence it sent me into an absolute panic attack. It turns out one of the Executive Account reps (who I spoke to on the phone about issue #1) mistakenly clicked the wrong thing in my account, which reset ALL of my nameservers. I didn't find this out until I got 35 emails about my .DE names, and another bulk email that had a list of about 40+ random names that had been changed.

My personal site (which I use for my music business) was down, and all of the ones that were previously parked at Sedo were suddenly parked at GoDaddy. I got 2 other reps on the phone, and finally my rep (who was off this morning) called me back and explained that the guy I'd spoken to earlier made a mistake.

Apparently the guy was freaking out about it and printed out logs of what all of the individual nameservers had been PRIOR to the change, and changed them back. Good thing, because I didn't want to have to go through and do them all myself, one by one!

It wasn't a security breach - just a guy who didn't know what he was doing.

My sites were all down and I lost 2.5 hours this afternoon on the phone, though. Hell of a panic attack they gave me. I'm glad they admitted to the error and worked it out. Only 18 domains still have to be fixed.

 

[nielsencl]

Great story, but sorry you had to go through that. Nice to see Godaddy take care of the problem they created, makes me feel a little better about them.