DAN.com

The domain Tobacco.com has been reported as stolen

Labeled as alert in Warnings and Alerts, started by Acroplex, May 22, 2020

Replies:
16
Views:
1,684

  1. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,123
    Likes Received:
    2,316
    Tobacco.com is currently a stolen domain asset, after a double transfer from Network Solutions to GoDaddy and then Ionos.

    More information.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    For those with a lot of premium domains, enter your registrar email here haveibeenpwned.com and it will tell you if your email has been in a data breach before. If it has, I would highly recommend you make a completely new password. Also, enable 2FA always.

    A lot of these stolen domains occur due to these previous data breaches with user's emails and passwords. They use that data to mass login to registrars.

    Be careful out there everyone!
     
  3. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    There are also targeted phishing attacks too, so for example be wary of GoDaddy emails and confirm their authenticity by looking at who the email sender is.

    Usually if it is a phish, the email sender will not be from a @godaddy.com email.
     
  4. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,123
    Likes Received:
    2,316
    Most if not all generic emails have been involved in such a breach. It's not safe to use ISP email accounts to manage domains.
     
  5. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    I would not recommend users use their personal emails to secure their registrar accounts. You should make a new + fresh email with a new, difficult password. Highly recommended to put 2FA on email and registrar account.
     
    Last edited: May 22, 2020
  6. DomainRecap

    DomainRecap Top Contributor VIP

    Posts:
    4,046
    Likes Received:
    3,423
    The only way to protect yourself against social engineering hacks is to use a registrar email that you have full control of and that isn't on any public WHOIS record. In order to gain access to that email, they would need to a) know it and b) do an hack onto a server, and that's not what happens, as 99.9999999% of these intrusions are scammers calling up a business and pretending to be you.

    All this 2FA is only as good as the CSR on the other end, because the scammers will call from some hacker mill with "Me Joe Smith, me lost passwords" and at that point, all this 2FA is junk because the CSR will often go to "the script" to "help his customer" and start asking basic crap like for addresses, DOB, phone numbers, account numbers, etc., which is all info freely available on the dark web.

    Remember, these CSRs are in the CUSTOMER SERVICE business, not the security business, and if the scammer bought the right info, it's bye bye 2FA.
     
    Last edited: May 22, 2020
  7. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    Sure, there are many scenarios.

    Better have 2FA on than not.
     
  8. DomainRecap

    DomainRecap Top Contributor VIP

    Posts:
    4,046
    Likes Received:
    3,423
    Sure, it's like putting an extra lock on the door, but it doesn't make the door itself any more secure to intrusion.

    Most CSRs are giving away accounts like candy, and it even happened at GD not long ago, where a support guy was fooled by social engineering and a lot of domains were transferred out.

    A registrar email you own and control (and is not on public records) + 2FA everywhere else is the best you can do.

    If they figure out your email, hack your server, then call up GD and fool them into thinking it's you to get rid of 2FA, then you just need to tip your hat to their sheer intelligence and work ethic.
     
    Last edited: May 22, 2020
  9. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    Don't get me wrong I agree with you, it happens all the time.

    Social engineering attacks will always be here, just have to protect yourself as much as possible.

    You can't really prevent them if your info is already out there (WHOIS info), like you said!
     
  10. Kingslayer

    Kingslayer Top Contributor VIP

    Posts:
    1,816
    Likes Received:
    4,395
    Fingers crossed the rightful owner gets it back, they should be able to right?
     
    Last edited: May 22, 2020
  11. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,123
    Likes Received:
    2,316
    There is an attorney involved, so I'm hoping the outcome will be positive for the legitimate owner.
     
  12. Namesolve

    Namesolve Upgraded Member Blue Account

    Posts:
    66
    Likes Received:
    65
    GoDaddy's plan to Remove Public Whois Information in early June sounds logical after all
    .
     
  13. DomainRecap

    DomainRecap Top Contributor VIP

    Posts:
    4,046
    Likes Received:
    3,423
    Definitely, and the worldwide public WHOIS system is the single greatest source of information for scammers, and by far the biggest risk for consumers. Anyone advocating against private WHOIS is either a rip-off artist or benefits monetarily from its presence (security firms, etc.).

    That's why the EU got rid of it, as this system costs the citizens of developed nations billions a year in monetary losses.

    Long ago, I foolishly registered a .US, which doesn't support privacy and superseded my account-wide privacy option, and not a day after I was getting security intrusion alerts from several different companies and my ISP proceeded to give away my entire account to some jokers in Morocco (it was traced by the RCMP) sitting in a lawless zone the cops won't even enter.

    Free and open WHOIS for private individuals, who are required to enter valid info, is like an endless buffet for scammers and is the primary source for social engineering threats.

    It's truly insane that this system still exists in 2020.
     
    Last edited: May 24, 2020
  14. mdrn

    mdrn ybrand.co

    Posts:
    226
    Likes Received:
    83
    I did not know they were planning for this. That is great to hear.
     
  15. Mytz.com

    Mytz.com Top 4L [email protected] IEIE.com CUTU.com NESU.com KKIK.com VIP Gold Account

    Posts:
    5,870
    Likes Received:
    732
    Thank you for your sharing
     
  16. CraigD

    CraigD 360promo.com VIP

    Posts:
    1,498
    Likes Received:
    2,498
    Shouldn't the response to "Me Joe Smith, me lost passwords" be "Fine, we will email you a link to reset your password"?
     
    Last edited: May 26, 2020
  17. DomainRecap

    DomainRecap Top Contributor VIP

    Posts:
    4,046
    Likes Received:
    3,423
    This is the social engineering hack for your ISP + personal emails. How do you get an email when you've lost your email + account passwords?

    That's always the first step, get the emails, then play "forgot password" or "Call the Rep and act dumb" to gain access to anything linked to that email.
     
    Last edited: May 26, 2020

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...