strategy Unlock valuable social media accounts

[redemo]

Ever researched a domain name and found the Facebook, Instagram, TikTok, Twitter or YouTube account already claimed but not updated for 10 years? Well I recently bought a domain name and tested something. After purchase I created a catch-all e-mail account then sent a password reset request to Facebook, Instagram, TikTok, Twitter or YouTube. Four of them failed but one succeeded and I was able to claim a valuable social media account. Valuable because it has over 5000 followers and is a very popular hash-tag. It's hit and miss but you might want to try it and see if you get lucky. Cheers.

 

[dncafe]

After purchase I created a catch-all e-mail account then sent a password reset request...

Sounds like me renewing a bunch of old domains trying to recover bitcoin from around 2010

 

[forge]

Sounds like me renewing a bunch of old domains trying to recover bitcoin from around 2010

v clever mate

I'd post an emoji if I could figure out how. Thank you forum update!

(I got lucky.)

 

[dirk]

Sounds like a lot of legal liability to me tbh. But you do you in case you lack any common sense and ethics.

Next up, how to steal a domain by registering an expired domain and takeover the owner email address....

 

[forge]

Next up, how to steal a domain by registering an expired domain and takeover the owner email address....

Huh? Is that sarcasm, or what?

But, what are the ethics of profiting hugely off expired names by their registrars, or primarily one single dominant registrar? Millions upon millions of dollars -- continuous guaranteed windfall!

 

[LoveCatchyDomains]

Redemo: Please, Please seriously consider removing yourself from those accounts. And let us know if you did. I know I will respect you tremendously for doing so. You clearly are brilliant, having the skills to gain access to these accounts. But your great wisdom may better be used elsewhere.

 

[dirk]

Huh? Is that sarcasm, or what?

But, what are the ethics of profiting hugely off expired names by their registrars, or primarily one single dominant registrar? Millions upon millions of dollars -- continuous guaranteed windfall!

Yes and... Yes, there are issues with registrars auctioning domains that technically are not theirs to sell (yet). Gray area... Covered by TOS and an icann loophole if you'd ask me.

It does however provide a relatively accessible expiration pool. If no registrar did it, there would only be drops and we know who dominates those. Best of two evils?

I'll save the rest for a more appropriate thread

 

[MasterOfMyDomains]

Sick. I scored a name. Someone here owned it, they have vanished. From Australia, their names are scattered now.
It was a brilliant idea they had, many would remember this 5+ years ago. Their page well set up
Their fb page has 3500 likes, i see email they use in about us is domain based. Easy to snag, but i would never consider it. If its not yours, dont touch it
Applies in real world and digital world

 

[mr-x]

Some perspective.

Social media accounts are not the same as domains. You don't pay for them, they can be taken from you for a wide variety of reasons at the discretion of the SM company.

This isn't identity theft or anything near to it.

It's not comparable to using an email address to steal domains or commit identity fraud. In the USA, there is legal precedent for claiming real property that has been abandoned

There is an easy process for the account owner to get the account back, if they want it.

I agree it's not ethical but it is not a crime and I as well as others here have done worse. We make mistakes, we grow.

@redemo, Many years ago, I picked up a dropped name with good back-links. I was in a hurry and used content from archive.org ( lots of how to articles ) and placed adsense ads.

In the process, I learned the previous owner had passed away, then people managed to purchase products the previous owner had hand made, using links to third party eCommerce service.

Imagine my problem explaining to people why I could neither deliver the product or issue a refund.

Sometimes we create more problems for ourselves when we take shortcuts.

 

[redemo]

I have to agree, this is a pretty sleazy thing to do. At best you could be on the hook (read: sued) for hijacking a social media account. I wouldn't be shocked either if "one" would be banned from such a site for violating TOS, or worse.

First of all the account I unlocked was registed over ten years ago and had my newly registered exact-match domain name in its bio. Second it was registered to the domain name. Third all links in posts on the account were to the domain name. I'm not saying it's ok to do this. I am not saying anyone should do it. I'm saying there's a loophole and I have managed to take advantage of it. In my case I don't see the ethical issue. In fact I don't even see a legal or T.O.S. issue but like always I might be wrong. If you are REALLY concerned and not just being offended for the sake of drama then contact the social media platforms and get the security systems changed.

 

[redemo]

This can only work on Instagram because they don't ask for email address when you're trying to reset your password. They just send the request to the associated email address. But then, the person must be using an email address that ends with your domain before you can receive the mail.

The other social media won't work as you need to provide the email address linked to the account whose password you're trying to restore.

Which is exactly why it works if the e-mail account is using the domain name.

 

[redemo]

Redemo: Please, Please seriously consider removing yourself from those accounts. And let us know if you did. I know I will respect you tremendously for doing so. You clearly are brilliant, having the skills to gain access to these accounts. But your great wisdom may better be used elsewhere.

Appreciate sharing your opinions mate. I didn' t think this would be such a conroversial topic. In my case the social account is registered to my newly-acquired domain name and uses the domain name as the e-mail address too. The original owner did not provide a phone number. Their only link to the account would be knowing the original password from over ten years ago, which is probably encrypted. Good luck with that.

Having said all of that if the original owner contacted me an provided cast iron proof it was their account and their hard work building a follower base I'd probably give it back.

 

[redemo]

v clever mate

I'd post an emoji if I could figure out how. Thank you forum update!

(I got lucky.)

Hey Forge! How many N.P. members would give back anonymous $ 10 million B.T.C. if they found password and I.D. in a reset e-mail from catch-all of a newly registered domain name. Everybody? Most people? No-one? Exactly. Double standards by everbody. Oh come one, so you would give back TEN MILLION DOLLARS ANONYMOUS BITCOIN? Would you bollocks! So how is a social account any different?

 

[redemo]

Sheesh Redemo. Clever, but just because you can, doesn't mean you should. I think something like this will come back to bite you in the end. Revealing post on one's integrity, imo. This really sets a bad example of a professional domainer.

Ha. I'm not a professional domainer. Yet. In terms of integrity would you give back 10 MILLION DOLLARS from an anonymous B.T.C. account where you got the password from a catch-all e-mail adress you set up on a newly-registered domain name? Even if you didn't know who the owner was? Only you can answer that question in such a situation. Integrity indeed. Also you might be right, and as always I might be wrong. Cheers.

 

[redemo]

Actually, if a home is abandoned for a long period of time, someone can move in and legally claim it if they know how to work the law...

Thanks for sharing that video @Clover. Fair play to that man. He did his research, followed the law and got lucky. It's got diddly-squat to do with the neighbours if he's following the law. Law doesn't care about your feelings. Law doesn't care about your dietary preferences. Law is law. If you can find a loophole why not exploit it? Your ethics are only as good as your carbon footprint anyway.

 

[redemo]

Creating a catch-all email is useless if you can't provide the exact email address that was used in the first place.

Just out of interest what planet are you from? Here on Planet Earth you can enter the username and an e-mail is sent to the e-mail address, which is caught by the catch-all e-mail address and sent to the e-mail address which is linked to the catch-all e-mail address. Also I drink many tins of Stella Artois. Anno 1366. Belgium.

 

[PurpleMan]

Just out of interest what planet are you from? Here on Planet Earth you can enter the username and an e-mail is sent to the e-mail address, which is caught by the catch-all e-mail address and sent to the e-mail address which is linked to the catch-all e-mail address. Also I drink many tins of Stella Artois. Anno 1366. Belgium.

What a polite way to pass your opinion across. Since you clearly didn't understand what I said, I will explain it again.

For you to reset your password on Facebook, Twitter, and Tiktok, you need to provide the email address that is registered with the account. If for example, the email linked to a Twitter account is [email protected], you won't be able to reset the password if you can't remember and provide the email address exactly as [email protected]. It doesn't matter if you own the domain 'namepros.com' and created a catch-all email for it.

My regards to people on planet earth.

 

[Clover]

Stella Artois.

My maaaan!

Can never run out of reasons to like redemo haha

 

[frostify]

Morally it's in the grey area, legally it's just straight up illegal. I understand the 'abandonware' sort of argument but in the eyes of the actual law this is 100% illegal, even if the account uses an email that ends in your newly registered domain. Recovery theft.

 

[CraigD]

Many half-intelligent people were aware of this email catch-all 'loophole' over a decade ago.

Ethical people won't act on it, and most unethical actors wouldn't be silly enough to publicly boast about it while enticing others to do the same.

I backed you when you first joined NP because you stated that you wanted to teach people, but this is unethical behaviour and information that I do not want to see disseminated on this forum!

 

[LoveCatchyDomains]

Many half-intelligent people were aware of this email catch-all 'loophole' over a decade ago.

Ethical people won't act on it, and most unethical actors wouldn't be silly enough to publicly boast about it while enticing others to do the same.

I backed you when you first joined NP because you stated that you wanted to teach people, but this is unethical behaviour and information that I do not want to see disseminated on this forum!

So this was a well-known loophole for over a decade? Oh, my! Still not fixed by the social media accounts? Shame on them!