Urgent: Domain thief

[idndomainer]

My domains and forum accounts have been hacked.

NOTE: MY USUAL USERNAME AT NAMEPROS is "1rrr1". The hacker has taken this account. PLEASE DO NOT DEAL WITH THIS USERNAME, HE HAS STOLEN MY DOMAINS.

Many things have happened and I'm discovering more and more
- Somebody managed to get into my gmail account and added their email as a secondary email.
- my domainsite accounts have been entered into and all my domains gone from there, around 200. pushed away yesterday I think because the IP and login was locked
- my godaddy account entered into and domains taken - had a 3 letter .com there
- sedo account logged into, all my info changed.
- my account completed changed at DNF, and i can't even log in to it now.

Please help me, and most importantly. Please do not purchase any domains from "1rrr1"

 

[shane mac]

Wow they really did a number on you.I hope you have alerted the registrars about this.They may be able to trace the domains but this will take a lot of time and effort.Its going to get messy before it gets better.

 

[Wickedd00]

Well, how did he hack you ?
Cheers,
- Wickedd00

 

[idndomainer]

DO NOT PURCHASE THESE DOMAINS. Also let me know if you see these put on sale anywhere
From Godaddy
qwz.com
sjj.info
rwy.info
lky.info
mjl.info
vng.info
474.info

From Domainsite, here are some, I have some more but I don't have record of.
xxf.info 2009-09-12 21:34:16 40

xn--1qwt01a.net 2009-10-29 03:26:27 87

xn--w8yu4c.net 2009-10-29 04:02:35 87

xn--sny74y.net 2009-10-29 04:05:11 87

xn--1jq52s.net 2009-10-29 05:42:06 87

xn--wny099c.net 2009-10-29 06:01:21 87

xn--kbtq9u.net 2009-10-30 04:29:01 88

xn--ngbngsngculong-5ob17b7272bnrazp.com 2009-10-09 22:51:00 67

xn--culong-3r8b.com 2009-10-09 22:51:01 67

xn--tynguyn-pwa1f.com 2009-10-09 22:51:01 67

xn--tybc-boa0986b.com 2009-10-09 22:51:02 67

xn--ngbngsnghng-7eb48aj356aqoala.com 2009-10-09 22:51:03 67

xn--bctrungb-800dlq.com 2009-10-09 22:51:03 67

xn--namtrungb-8o7d.com 2009-10-09 22:51:04 67

xn--ngnamb-hxa5uq55w.com 2009-10-09 22:51:04 67

xn--nuevolon-g1a.com 2009-10-11 10:18:41 69

xn--pssw6ixt1bids.com 2009-10-12 12:29:14 70

xn--80aanub7aj7byc.com 2009-10-12 22:33:02 70

xn--80adch1apul2c2c5fb.com 2009-10-12 22:33:03 70

xn--80adfe0aphbgbjdpk8m3f.com 2009-10-12 22:33:03 70

xn--80ahdunf2d6b.com 2009-10-12 22:33:04 70

xn----7sbbagd9cbwcizr0b4ipgk.com 2009-10-12 22:33:04 70

xn--80aaf5ab7aj1a2e3e.com 2009-10-12 22:33:05 70

xn--80ajplelhc4a0f.com 2009-10-12 22:33:05 70

xn--80adrhc5bze2d.com 2009-10-12 22:41:37 70

xn--80aaeeg6ae1abreo7l8e.com 2009-10-12 22:41:37 70

xn--80aah3aco2am9f.com 2009-10-12 22:41:38 70

xn--80ada6ac2b9dd1g.com 2009-10-12 22:41:38 70

xn--80aafwkcefu7a7itf.com 2009-10-12 22:41:39 70

xn--80ahduru1f.com 2009-10-12 22:41:39 70

xn--80aaf6acrgug7h.com 2009-10-12 22:41:39 70

xn--80adjunbrm3h5d.com 2009-10-12 22:41:40 70

xn--80atftbk9d.com 2009-10-12 22:41:40 70

xn--80ajpdjghfnd0jb0k.com 2009-10-12 22:41:41 70

xn--80adsina8d5b3e.com 2009-10-12 22:41:41 70

xn--80adsidne1a3h.com 2009-10-12 22:41:42 70

xn--80aaaa5atc2bimk5j.com 2009-10-12 22:41:42 70

xn--80aatbpwgj3i6d.com 2009-10-12 22:41:42 70

xn--80algakknsjf9i.com 2009-10-12 22:41:43 70

xn--80ajjidej4do1dd.com 2009-10-13 10:01:04 71

xn--80adibzpu5cd0d5f.com 2009-10-13 10:01:05 71

xn--80abmu2ahah4j.com 2009-10-13 10:13:24 71

xn--80afgueen1a2h7a.com 2009-10-13 10:13:25 71

xn--80afdezqberp0n.com 2009-10-13 10:13:26 71

xn--80apgggy4h.com 2009-10-13 10:13:27 71

xn--80abcmoo2cf6j.com 2009-10-13 10:13:27 71

xn--80adciooefs9a9l.com 2009-10-13 10:13:28 71

xn--600a.com 2009-10-14 11:03:57 72

 

[Wickedd00]

Thanks for the info !
Cheers,
- Wickedd00

 

[FX]

thats scary stuff....... I hope you get this sorted out buddy

 

[goodkarmaco]

This is very stessful for you. Keep calm and talk to the registrars about this. Thks for the heads up.

 

[turnhardtoeasy]

ya be calm,
report all the registrars about it...
call them up - this helps better than emailing

even contact rj to get ur NP account back....
obvioulsy you would need to prove that u r the owner and not the hacker
cheers

 

[Ralph2472]

Domain Theif

Wow ! this is really bad.
We should all keep a look out for these domains to try and help.
I have never used Gmail or Hotmail etc. but I notice that most of the scam emails I get use them possibly for annonimity.
I always print a list of my domain names so that it's easy to see what you've got. (A sort of backup if you like)
A whois search will show where they are now registered, and contact with that registrar/s should be made.
Let's all hope you get your domains back.

(EDIT) I just took the time to check the Whois records for some of your domains, and they do have a variety of registrants. However some of these domains haven't been touched since May; so either this scam started quite a while ago, or you have registered the domains under different names. Either way you can chase up each registrant through the Whois databese.

Regards

Ralph. [email protected]

 

[Electric-Shadow]

Contact Jennifer or NPQueen, they will sort things out for you regarding your account.

 

[aceeca]

My domains and forum accounts have been hacked.

NOTE: MY USUAL USERNAME AT NAMEPROS is "1rrr1". The hacker has taken this account. PLEASE DO NOT DEAL WITH THIS USERNAME, HE HAS STOLEN MY DOMAINS.

Many things have happened and I'm discovering more and more
- Somebody managed to get into my gmail account and added their email as a secondary email.
- my domainsite accounts have been entered into and all my domains gone from there, around 200. pushed away yesterday I think because the IP and login was locked
- my godaddy account entered into and domains taken - had a 3 letter .com there
- sedo account logged into, all my info changed.
- my account completed changed at DNF, and i can't even log in to it now.

Please help me, and most importantly. Please do not purchase any domains from "1rrr1"

Have you lost any domains on Enom?

The reason, I'm asking is that I bouught this two names from 1rrr1 sometime back, but I got an email from Enom today:

"Two domain names have been reported as fraudulently removed from another account and pushed into your account. The domains, XXX.in and XXX.in. A freeze has been placed on them. Please tell us how you obtained these two domains and provide any relevant documentation .



Thank you,"

 

[donnied79]

I've just been contacted from Enom.com for 6 domains i acquired on July 25 from 1rrr1

"The account listed above contains domain names that have been reported as fraudulently removed from another account. The account and domains have been locked. The following documentation will need to be provided regarding this account and the domains within it:



* Government issued photo ID (Scan or Digital Photo of a Passport, etc.)
* Scan or digital photo of the Front and Back of the credit card used on the account (First four numbers and last five numbers need to be visible, black out the others.)
* First Page of the corresponding Credit Card Statement. Transactions can be blacked out.
* Documentation that validates you as the owner of the domains, such as receipt of sale, correspondence, articles of incorporation or a business license.
* Explanation of how did you obtain these domains.



Thank you, "

 

[Ntuition]

Wow.. I hope you get this all sorted out before it gets even more complicated. I applaud your efforts and what you are doing. Thanks for the heads up, we will surely watch out for 1rrr1.

 

[enom]

The systems well programmed . I can say one. Human error. Do not use same passwords as using in registrars. Use only long passwords containing various characters such as $#4dd34@#$df443f5f533 its strong passwords . If you have password like this u can use it width out changing it 5 or 6 years. Same for your mail u using for registrar . All passwords you can save in a secure sd card and it never be hacked. So you loose your domains because of weak passwords and same passwords using in forums and other various sites. Don be so stupid and you have your domains many years

This is million worth words so take it and use it

 

[namesells]

i bouught qwz.com from steelejones.
(http://www.namepros.com/high-priced-domains/592805-lll-com-nl-com-lll-info.html)

 

[Nodws]

most frequent "hack" is a Keylogger on a Public PC, school, library, internet c@fe, etc. also a easy password OR answer to secret questions.
or a keylogger+mailer/IRC trojan on your system.
cookie theft is another possible answer to this.

often the hax0r is some one you know and has/had access to your pc fisicaly

 

[ana_yax39]

my goodness.this is scary.I hope you sort it out soon bro.....
I think everybody should support him.

 

[kgdhin]

oh!!!strange to hear.Hereafter be carefull with your account.i advice would be dont keep your password so simple that anybody could find out,again another thing dont keep the popular names orplaces, whatever dont keep.it will easy for hackers to hack your account........beware!!

 

[riks.rocks]

Thanx 4 d info