WARNING: How to Avoid Domain Scams and Scammers

[-REECE-]

Prevention:

Google the domain (also try adding words like stolen, scammed, help, missing, etc), asking other domainers about the domain in question, checking the various marketplaces and making sure things add up... The biggest single indicator of a potential scam is the price. A scammer will want to price the domain low enough that it sells before he gets caught. Keep a watchful eye on new members. Recently modified whois is another warning sign. If other indicators are present (ex. extremely low price), proceed with extreme caution.

Some known scams:

1. Appraisal Scam -- If they ask for an appraisal, it's probably a scam.

2. Snail mail scam letters -- Letters through the mail reminding you to renew your domains from companies which aren't your current registrar

3. Compromised web-based email accounts and keyloggers -- Using an email provided to you by your Internet Service Provider is generally safer than web-based email solutions. There have been known security flaws in certain webmail applications in the past (ex. Gmail) which made compromising member accounts considerably easier than guessing a password. Understand the risks involved with using a web-based solution. Download spyware software such as Adaware Lavasoft and scan your computer daily. Keyloggers are A) easy to put on someone's computer and B) potentially catastrophic to a web based business.

4. Unauthorizing funds (particularly bad with Paypal). Paypal makes it very easy to create chargebacks. Don't accept large amounts by Paypal unless you're dealing with people you absolutely trust. Moneybookers/Escow.com are a step above Paypal, however the best option would be to go with a true escrow service such as Sedo Escrow, Moniker Domain Escrow Service or EscrowDNS.

5. Emails saying your domain requires renew/transfer/you to take a certain action. Check the email and make sure that A) it's from your registrar and B) the url mentioned matches what your registrar's would be. Safer to just visit the registrar than click the links in the email.

6. Incorrect Whois emails -- if your whois isn't incorrect, beware. Phone your registrar if you think they made a mistake.

7. Traffic/Click Fraud -- Self explanatory. If it isn't direct navigation it shouldn't be sold as such. Due diligence is required here.

8. Hijacking -- If you use one of your own domain names as the nameserver, be sure to make sure it doesn't expire or someone could fraudulently gain control of your domains.

9. Escrow.com is NOT 100% safe. They do not cover stolen domains -- buyer beware. Don't think processing a "bargain" through Escrow.com won't potentially end in you being out money. In the event a domain is stolen from someone's account, the domain WILL be returned to the original owner and you'll be out whatever you paid for the domain.

10. One thing I should add: Most free webmail providers will delete accounts after certain periods of inactivity. A clever scammer could notice that your Hotmail/Yahoo/other webmail account had expired, register that same email address (which is now available) and then proceed to "Request Password" at various registrars using what was previously your email address. If you plan on using your webmail infrequently, it's recommend you verify what amount of inactivity is tolerable and won't result in email account deletion.

 

[FPForum]

This Ash person..has anyone tried calling the number? If the number isn't real isn't that against ICANN regulations? Dunno if it will help but it may cause the person to lose their account and/or domains in their account

 

[bgmv]

I just recieved an email from ASH, it looks like she isn't the one behind this. We need to find out who registered the email: [email protected]

"Hi,
I just did a search on DigitalPoint for threads started by "Ash" and i found the thread the hacker started:

http://forums.DigitalPoint/showthread.php?t=703254

Please could you do me a favor and tell them that this is NOT me and that the account was HACKED. I own a company impliweb.com and my PayPal e-mail address is [email protected] - so i have a big solid good reputation and hopefully you will believe that the person who posted that thread was not me.

Please could you inform DigitalPoint what has happened and tell them to disable the account as soon as possible in order to rectify the problem.

Thank you.

Regards,
Ashley Davis"

 

[GreenGambler]

Someone should submit this story to Digg, and all the other social sites.

I would but I imagine someone else is a better article writer. We can all dig it and such. That will help get some attention. Tittle it something like "PayPal helps Scammers" or "GoDaddy refuses to help Victims".

 

[bgmv]

The best part is that any information that Paypal uncovers about the scammer is PRIVATE! The only way to get it is by supeona. The are protecting the scammers identity, there is absolutely NOTHING that the seller can do, except take matters into his own hands.

I found this article online that tries to establish whether domains are TANGIBLE,click here. There is a law called the Tresspass to chattels which seems to adhere to domains. Also if you read the article you will see that a precedent has been established.

I want to compile a list of everyone that has had this problem with PayPal and Intangible goods, be it domains or codes or anything else.

EDIT: I am going to write an article to DIGG. where should i post it?

 

[GreenGambler]

EDIT: I am going to write an article to DIGG. where should i post it?

Here, there EVERYWHERE.. I will too!

Mention that the money might be being used to fund terrorism and this could be related to terrorist activity. We need the FBI, CIA, HomeLand Securtiy, etc.. to hunt these scammers down! IMO

And lets not forget about this guy. . HE IS A CONFIRMED SCAMMER!!!

Here is another one that just tried to get me, via my website:

Here is the info he gave me and may use again:

Emails:
[email protected] / blackice @ sheknows.com
[email protected] / indianbetiv @ gmail.com / indian betiv


Profile:
http://64.233.183.104/search?q=cach...--Profile-html+indianbetiv&hl=en&ct=clnk&cd=1

That is his profile, for sure. He used the email address, [email protected] and indianbetiv is how I found that profile.. WE HAVE A PIC OF THIS SCAMMER!!!

Anyone in Romainia want to pay him a visit??

Keep an eye out for this one!
GG

 

[FPForum]

Here, there EVERYWHERE.. I will too!

Mention that the money might be being used to fund terrorism and this could be related to terrorist activity. We need the FBI, CIA, HomeLand Securtiy, etc.. to hunt these scammers down! IMO

And lets not forget about this guy. . HE IS A CONFIRMED SCAMMER!!!

Here is another one that just tried to get me, via my website:

Here is the info he gave me and may use again:

Emails:
[email protected] / blackice @ sheknows.com
[email protected] / indianbetiv @ gmail.com / indian betiv


Profile:
http://64.233.183.104/search?q=cach...--Profile-html+indianbetiv&hl=en&ct=clnk&cd=1

That is his profile, for sure. He used the email address, [email protected] and indianbetiv is how I found that profile.. WE HAVE A PIC OF THIS SCAMMER!!!

Anyone in Romainia want to pay him a visit??

Keep an eye out for this one!
GG

For you all to see!

This is him having fun with YOUR hard earned money!

someone should kill this scrub!

 

[GreenGambler]

For you all to see!

This is him having fun with YOUR hard earned money!

I am reporting him to the Romanian authorities, I found this article here:

There is good news for those who have been victim of Romanian scammers doing eBay scams and phishing/identity theft.

Romania has entered into an agreement with the European Union to become a member in 2007; but one of the requirements that must be met is to deal with corruption and cyber fraud, that is rampant in Romania.

The Romanian government and the FBI have worked together and set up a site www.efrauda.ro where victims of Romanian frauds can go and file a report on-line; and this report can be used as evidence against the fraudsters without the victim having to go to Romania. It is reccomended that you first file a local police report and reference it in your report to efrauda.

There is a button on the top right of the page for English.

Here is a link to where I found the above info: http://www.scamvictimsunited.com/phpBB2/viewtopic.php?t=845

I suggest everyone file reports that believe this guy scammed them.

 

[epasaport]

I am saying to this forum members , please be careful while you are writing itrader comment people looks your feedbacks then dealing with scammers ,You are writing very positive things to scammers, greengambler please do not use again paypal and godaddy especially paypal ,I saw you dealed with 0 itrader point member this is problem , godaddy will say you go to arbiration forum if cant take your money from paypal go to arbitration forums(its like ibas)

 

[filter]

Here, there EVERYWHERE.. I will too!

Mention that the money might be being used to fund terrorism and this could be related to terrorist activity. We need the FBI, CIA, HomeLand Securtiy, etc.. to hunt these scammers down! IMO

I'd probably be getting more than a bit unhinged myself if this happened to me - and frankly, probably the only reason it hasn't is because I'm holding off on making any significant public sales available to random public at the moment.

So while I'm really bothered to see this, can take a step back and offer just a little suggestion with regard to the "FBI, CIA, HomeLand Security" idea .... And wish I could be more helpful, but hoping my 2 cents here will be at least woth that much: stay cool ... the FBI may be a place to start, there may be other appropriate agencies interested. But in reality it's probably a very small issue from their perspective. They do have much bigger fish to fry. As far as the CIA etc goes ... oh lordy. I'm sure they really would not appreciate someone ringing their terrorism alarm bell about something that is most likely simple ugly stupid theft.

And please let's not start any "international domain trade funding terrorism" memes here! That seems likely to add quite a bit more heat than light to the situation! Credibility is key in getting someone who is responsible for dealing with this particular issue to pay attention and do their job. So - yes, maybe check with the FBI and even local "cybercrime" units in your own state. But stay sane! If you say the wrong thing to the wrong person, seems possible that they may be just as likely to open a file on you as a "potential nutcase and noisemaker" - might be the path of least resistance for the average desk jockey who has to fill out some paperwork for every call they get!

If you can find out how to work with someone in law enforcement who actually cares and is motivated to see a creep brought to justice, then they should appreciate all the organized info you can present to help build the case. Make it easy as possible for them to take you seriously and work with you, and they'll see it as a potential feather in their cap if they can help make sure the scammer gets nailed through official channels.

As far as unofficial channels go ....... reading another post in this thread ..... have to say, encouraging outright murder in a public post seems likely to get a lot more attention from the authorities than someone misappropriating a bunch of "line noise" domains. Now, on the other hand, arranging for a few fingers to be broken might get better press in this case. People need to think before they type .......... just sayin' ...

 

[bgmv]

PayPal and GoDaddy Support and Protect Scammers

Recent events have made it very evident that both PayPal and GoDaddy support and protect internet scamming, identity theft, and fraudulent account activities. PayPal and GoDaddy are giants in their respective market segments and domainers have been using both for years. Domainers trusted their domain sales and transfers in the hands of these two corporations, but I do not think that trend will continue much longer.

Recently there have been a lot of scammers going on to forums and initiating sales and purchases of LLLL.com (4 letter .com domain names.) What happens is the scammer either creates a new username at a forum or he somehow hacks into a preexisting username and emulates another user. The scammer then sends out private messages (PM) to users that have posted their domains for sale and offers to buy them. Once negotiations have ended and a price has been established by both the seller and scammer, the scammer sends payment. Currently these scammers only pay via PayPal and only buy names that are registered at GoDaddy; of course, there is a reason for that.

The scammer sends payment via a STOLEN or HACKED PayPal account, assuming the identity of that person. Once the seller receives/confirms payment via PayPal he or she transfers the domains registered at GoDaddy to the Scammer. In order to complete the transfer of the domain the buyer (scammer) must provide the following information: Name, Complete Address, Country, Phone, and Email corresponding to the GoDaddy account where the domains will be transferred to. Usually, the account information is manipulated to match the identical information as the stolen PayPal account, preventing suspicion. Now the seller transfers the domains to the scammers GoDaddy account. Once the domains have been transferred a confirmation PM is sent and the scammer of course says everything is perfect. The seller goes to sleep happy and the scammer is grinning ear to ear because within minutes the scammer initiates a Chargeback on the stolen PayPal account. A chargeback occurs when fraudulent activity or unauthorized purchases have occurred and PayPal immediately reclaims the funds, without question. After the chargeback is completed the funds in the sellers PayPal account are $0.00. At this point the Scammer has the seller's domains and the seller has neither the money for the domains nor the domains themselves.

This is where both PayPal and GoDaddy facilitate and condone the scammer's getaway. The seller calls PayPal and asks," What happened to my money?"
PayPal responds with, "We are sorry sir but the funds you received for the following transaction were fraudulently acquired and the TRUE owner of the account denies initiating the transaction."
The seller then asks, "Well, do I get my money back? What about my domains can I get those back?"

PayPal responds with, "Actually sir because domains are an INTANGIBLE item they do not comply with the Seller Protection Agreement and are not covered by PayPal, only TANGIBLE items are covered against charge backs. We recommend contacting your registrar to see if they can help you."
Seller says, "Ok, so the TRUE owner of the account gets his money back, the scammer gets my domains and I am left with neither! I don't understand how this is possible. Can you provide me with information that you uncover about the scammer so I can contact him or her?"
PayPal representative, "Unfortunately there is nothing we can do for you on our end. Any information that we find can only be obtained by SUBPEONA. The only thing you can do is take legal action against the perpetrator."
Seller says something along the line of, "This is unethical and you will hear from my lawyers, I will never use your services again,” and then hangs up.

So that’s step one in the Scammer's getaway. PayPal is concealing the identity of the scammer; they can easily track him or her down via a reverse IP lookup to see who initiated the transaction. They protect the TRUE owner of the account and the thief but they do not protect the seller? The seller is the one that has to pay the 3.2% fees, for what, what are those fees going towards if they cannot even protect you. If a transaction is for intangible goods then you should not be FORCED to pay their fees, there is no point.

Here comes step 2 in this disappearing act. By now the seller is feeling agitated but still feels that their is light at the end of the GoDaddy tunnel. The seller checks the WhoIs.sc information for the stolen domains and sees that they are still registered to the THIEF and remain in the GoDaddy system. Surely it would be easy to reverse the transfer; it should not be that hard, you have the GoDaddy email along with all the other contact info to which the domains were transferred to...WRONG! You decide to contact GoDaddy and see what they can do. After explaining your situation to the representative they respond with this, "Unfortunately, GoDaddy does not get involved in third party disputes. This is why we have TDNAM, so you can sell your domains safely."

TDNAM is an online auction site OWNED by GoDaddy wherein the seller must pay a yearly fee of $6.95 and Escrow fees.
Seller says, "WHAT! These domains were stolen from me and they are in your system. They were just transferred hours ago and I can't get them back?”
GoDaddy, “I’m sorry sir, but since these domains were not transferred via TDNAM we have no responsibility to the buyer or the seller. Once the account change is initiated and accepted we are not involved.”
You go back and forth with the GoDaddy representative but get nowhere, there is nothing you can do, and you just got SCAMMED.
The only way to get your domains back is by legal action or reporting the problem to ICAAN.org. Or by the grace of God you find out who the scammer is and harass them to the point of forfeiture. Other than that you are shit out of luck and there is nothing to be done.

That is how I and countless other sellers got scammed and all we can do is sit here holding the bag. We thought we were safe, but both of these companies take no initiative to solve our problems, despite the crimes involved. It is almost as if they are aiding and abeding criminals. The scammers know every angle, they choose GoDaddy and PayPal because they know that they do not pursue or amend fraudulent transfers and charge backs. The next step is to file a class action lawsuit against PayPal and GoDaddy . All I ask is that anyone that has had this occurrence please email me at [email protected], I will compile a list of victims and their situations.

 

[GreenGambler]

Great article BGMV.. nice job!

 

[bricio]

each time i read this thread some ideas come to my mind; i think all are crazy ones but i will post them here and maybe some can be used to help all of us
unfortunately this can happen to all of us

1) from now on, i think i all say something like this to a reputable member: "sorry, but with these account steals name a domain you own and send me an email from the one is in your whois"... the scammer can even name one name but i think it is more difficult for him/her to send an email from the whois email unless he steals all or the majority of your accounts
this to guarantee the account wasnt stolen

2) just use escrow services (this was said many times here in NP) if #1 fails or if you think you can lose your money (i recommend escrow for everything $300+) or as your last option withdraw your money immediately after receiving it through paypal and then send the names (or just send the names after 72 hs or after spending all the money)

3) try to really put scammers in jail (the problem here is if they are underage)... even they reverse a steal why not try this if they are in the same country you are or if he/she is in the same country a member here is? (just remember how Alex already helped some guys here were a victim from a scammer from his country making calls!); when the scammer gives you the name(s) back and you do nothing you are helping him/her to go on and maybe you can be scammed by him/her again so consider losing some bucks if this happen to you (i would surely would if i put one of them in jail if losing money in no high ammount were a requirement) to benefit the entire comunity...also have in mind if the scammer get caught you will, much probably, have your names back so i would try to not get desperate (i know it is very, very difficult) to have them back but i would try to trace the scammer, index my names as stolen (as GreeenGambler did very wisely) and tell everywhere i could it was/they were stolen

4) as Yofie said, we must show paypal what is going on but paypal isnt worried about it and we are just a small part of their fees and transactions... if we dont use paypal anymore they will lose, who knows 0,003% of their total volume of transactions?
nobody wants to lose nothing but it is cheaper for them losing us than implementing new polices to "intangible items" as sometimes they would have disputes because of $50 (for us this is money... for them not); i know tangible items can have disputes because of $50 but you have receipts and everything else and, as said here before, pushes arent considered receipts (i dont know why but they dont)
so, again use escrow services or sell your names through known aftermarkets (snapnames, sedo, tdnam, etc)

again, good luck to all of you lost your names and i really hope you get them back and more than all this i really hope these THIEVES go to jail... i will use THIEF/THIEVES everytime i use scammer

 

[Dave_Z]

I found this article online that tries to establish whether domains are TANGIBLE,click here. There is a law called the Tresspass to chattels which seems to adhere to domains. Also if you read the article you will see that a precedent has been established.

If you notice, that article is rather old. Note especially the conclusion:

In addition to examining whether domain names constitute tangible or intangible property, the Ninth Circuit will have the opportunity to decide whether trespass to chattels is appropriate in the domain name context. If not, it will likely remain for the legislature to determine the best cause of action for resolution of generic domain name disputes.

Since the parties in the sex.com dispute eventually settled, there's nothing for
the Ninth Circuit left to further discuss and decide. You can forget using that
domains property argument.

 

[zurc.net]

Let's get these punks indexed...

www.ScamList.info

 

[Shenron]

This is getting Ridiculous Guys!

Check this out:

http://forums.DigitalPoint/showthread.php?t=704905

Again!

 

[italiandragon]

:bah: I`m tired to repeat myself, I just stop using PayPal...

and bricio: Escrow is not totally safe, Moniker Escrow is.

 

[filter]

each time i read this thread some ideas come to my mind; i think all are crazy ones but i will post them here and maybe some can be used to help all of us
unfortunately this can happen to all of us

1) from now on, i think i all say something like this to a reputable member: "sorry, but with these account steals name a domain you own and send me an email from the one is in your whois"... the scammer can even name one name but i think it is more difficult for him/her to send an email from the whois email unless he steals all or the majority of your accounts
this to guarantee the account wasnt stolen
[...]

Good thinking - that's a nice start.

One important detail with the email idea though - the way email service works, it's easy enough to send email "from" any arbitrary address. But not so easy to receive email sent to any address other than one you own (or have hacked). So better to arrange to send a security key (secret word or whatever) to the email listed in Moneybookers/PayPal or WHOIS (depending on if selling or buying), and then get a response with that security key.

I've done so many good trades with domainers all around the world, and I'm going to continue to do business with people I don't already know. That's part of what I enjoy about domaining. I had 0 TR myself just a few months ago. But I will definitely be getting to know my trading partners better in as friendly a way as possible, and taking all reasonable precautions when advisable. And in the likely case I do eventually get ripped off one way or another - will at least try to enjoy the opportunity to give some crooked idiot a lesson in the painful reality of serious consequences from messing with a world-wide community of internet experts.

And while I'm not a big fan of gratuitous violence, I'm not always inclined to waste too much time going through official channels either ......

 

[GreenGambler]

But not so easy to receive email sent to any address other than one you own (or have hacked). So better to arrange to send a security key (secret word or whatever) to the email listed in Moneybookers/PayPal or WHOIS (depending on if selling or buying), and then get a response with that security key.

I too thought that was a good method to use. And usually it is. However the most recent person, who did scam me out of my two names, did reply to the PayPal email address on file. Which leads me to believe that the owner of the PayPal account was using the same password for both his PayPal account and his PayPal email. I thought when I got a reply back, with my security key, I was good to go.. But nope, I got scammed... ugh.

 

[ironheadz]

Now i have been scammed, someone steal a rep member account at DP , he bought a 4 LLLL.COM from me at 370$ , couple of hours and i have been charged back , all domains are with godaddy, thats his
godaddy details:
Brian Gordon
address: 4117 Emeral Dreams Drive
city: Princeton
state: illinois
zip: 61356
phone: 8153039148
email: [email protected]
http://forums.DigitalPoint/showthread.php?t=704905&page=2
I know i won't be alone and some ppl will follow me next minutes , the names are
EQFY.COM
BMQF.COM
BPQF.COM
JIFX.COM
I need help to get them back , thank you

 

[bricio]

and bricio: Escrow is not totally safe, Moniker Escrow is.

thanks Lorenzo i have read things about this already
when i said escrow service i didnt mean escrow.com exactly; it can be moniker's

This is getting Ridiculous Guys!

Check this out:

http://forums.DigitalPoint/showthread.php?t=704905

Again!

one more thing... besides not using paypal, just dont make deals on DP anymore

 

[bgmv]

sorry wrong spot!

 

[GreenGambler]

thanks Lorenzo

one more thing... besides not using paypal, just dont make deals on DP anymore

Here... Here.. Seems that alot of this is happening on DP an through private emails. Just use DP to advertise your domains that you have for sale on NP

 

[tinner666]

Hope this helps.

Internet Crime Reporting

 

[GreenGambler]

I just got off of a 2 hour conversation with GoDaddy.

They refuse to help me. They say that they will have the names for 60 days. And that I should file a claim with local law enforcement.

And from there I need a court order to GoDaddy to give my names back.

They said that me, a long term customer with 200 domain names, my word is not good enough. The fact that this scammer is funneling all these stolen names into an account is not good enough.

They choose to not get involved.. It is not a LAW..

Call the GoDaddy Executive Services phone number and let them know what you think.

1-480-505-8885 - GoDaddy executive services, don't let them transfer you!

1-480-505-8828 - GoDaddy office of the president

Call them and let them know what you think about them supporting scammers.


Also, GoDaddy confirmed that If I were to go around stealing names that they would not take them away from me, the confirmed that they do infact help scammers.. WTF!

 

[tinner666]

I just got off of a 2 hour conversation with GoDaddy.

They refuse to help me. They say that they will have the names for 60 days. And that I should file a claim with local law enforcement.

And from there I need a court order to GoDaddy to give my names back.

They said that me, a long term customer with 200 domain names, my word is not good enough. The fact that this scammer is funneling all these stolen names into an account is not good enough.

They choose to not get involved.. It is not a LAW..

Call the GoDaddy Executive Services phone number and let them know what you think.

1-480-505-8885 - GoDaddy executive services, don't let them transfer you!

1-480-505-8828 - GoDaddy office of the president

Call them and let them know what you think about them supporting scammers.


Also, GoDaddy confirmed that If I were to go around stealing names that they would not take them away from me, the confirmed that they do infact help scammers.. WTF!

Also link this thread and your last post to The Feds . The more people here and other forums that make the same complaints, the more likely the Feds will lookat GD's and any other's policies.
I haven't been burnt, and I hope it doesn't happen, so I can't say too much about it to them.