advice What’s happened to my domain?

[Blueforever]

Yesterday (November 18th) I received an email from namesilo that my domain name (TokenizeEverything.com) was to be transferred out to another registrar, there was also an option to cancel if i follow the URL which I quickly did.

I logged into my account to find the name missing. I spoke to support who had said that ‘When you cancelled the transfer it was deactivated’ although they reinstated the name to my account which I can see is there and thought that was the end of it.
A few hours later I check the domain to find it has a different landing page. Wtf!
Go to Whois to find it’s under a network solutions registry owned by a guy named David shoop jr. Fb profile https://m.facebook.com/DavidShoopJr

I log into my namesilo account, and there it is. The name is still in my account.

I try to make changes, nameservers, make Whois private, but none of it works. It’s like the domain is only there in text but it’s not in my account as I have no control on it, if that makes sense.
I spoke to namesilo, they have given me no answers except their IT people are looking into it.
Now I see this guy has added a WordPress site to my domain name. Whats odd, is when looking at the login history, there is no unusual login to my account.
Any thoughts on what is going on? Has my name been stolen? If it has why show your full name on Whois? Or is this a glitch on namesilos end?

 

[Grego85]

So I think this could happen to anyone that has ever received a pushed (Namesilo) domain from another domainer who had it previously listed and opted in at a fast transfer marketplace.

Seems like that's what happened here. The Namesilo name was pushed but the past opt in for fast transfer was not cancelled with the push.

Namesilo should fix this issue immediately.

I wonder if this could also happen with domains purchased at Namesilo expired auctions.

 

[bmugford]

So I think this could happen to anyone that has ever received a pushed domain from another domainer who had it previously listed and opted in at a fast transfer marketplace.

Seems like that's what happened here. The Namesilo name was pushed but the past opt in for fast transfer was not cancelled with the push.

Namesilo should fix this issue immediately.

I wonder if this could also happen with domains purchased at Namesilo expired auctions.

If that is the case, this is a massive issue.

This is the type of thing why I have been hesitant when it comes to all these fast transfer options at various venues. It can be hard to keep up with who listed the domain, who currently owns it, etc. If the accounting is not done properly this can happen.

Brad

 

[Joe Styler]

I know it did sell via Afternic, but I do not know all the details beyond the fact that Afternic is working with Namesilo to see what happened. It appears to me from what I have seen that the OP approved the listing via an email from Namesilo. We have a pretty robust verification system in place. I believe this name was under privacy on the WHOIS, regardless we ask the registrar if the name can be listed, they in turn contact the registrant who has to approve the listing.
We did not pay anyone on the sale as far as I know because it is being investigated. I did not comment last week because I did not have all the facts. Some of them were logs only Namesilo has access to, ie what customer was asked to opt in to transfer the domain, who actually did do that, etc. I still do not know all the facts as there is still an investigation. I do not think there is a security loophole as you as the registrant of the domain have to confirm that you want to sell the domain with us via your registrar before we can list your domain as a fast transfer sale - meaning a sale that would move the domain away from your account after it sold.
There are ways to unwind this if there is theft or fraud etc. We will have to wait and see all the facts in this sale to determine the outcome. I do not have them yet.

 

[55Domains]

100% not acceptable. 10000%.

It leaves a MAJOR loophole open for all scamers out there. (And also causes problems like these, where afternic basically is committing theft by taking a domain out of someones account, without an agreement in place for being able to do so) (Which basically means @Blueforever could sue them outright if this dosnt get resolved)

When someone agrees to opt-in for fast-transfer, and the domain changes hands that contract is automatically terminated (Or should be) and if its NOT, then that needs immediate high-priority attention by Afternic/sedo and all participating registrars. As i am sure the issue is not one-sided and needs fixing on both sides, (Afternic and Namesilo) Neither/or should allow for this to happen.

 

[Ostrados]

If it was fast transfer then this is indeed very disturbing, we buy domains all time how can you tell if the domains are still on fast transfer on Sedo & Afternic?!

I personally add my domains to Sedo & Afternic after purchase, and many times I found that I can't add the domains because they are already listed, so I send email to support telling them I am new owner of the domain and they usually fix the problem in few days and add the domain to my account. But what if the domain was sold in this waiting time while they are replying to my email? Also many domainers do not list on Sedo or Afternic and they may never think about checking if the domain is listed there.

I think the best way to be 100% safe is that when you buy a domain you should transfer it to a new registrar, you many need to do that especially if the domain is high value (like 3L).

 

[Joe Styler]

We have been explicitly told by lots of Afternic users, some on this forum on other threads that they do not want to do that. We are probably moving to some form of that at some point but many customers have told us that various registrars they use do not make it easy to update the DNS or update the DNS in bulk to add txt records and with lots of listings to add this would mean they would no longer list with us.

I understand your position but there is an equally valid position, which is, don't randomly click approvals on links in your emails it is not a good habit because this could be done for a lot of things like someone resetting your password to a financial institution etc.

I think randomly trying to send people links to click would fall under fraud in which case we can unwind sales as I have previously stated. We are also regulated by various bodies as well as in compliance with courts of competent jurisdiction etc. We also can and do as warranted work with law enforcement bodies throughout the world. Stealing people's domains is not without its problems for the perpetrators. We have other steps in place as well to combat things of this nature which I do not wish to comment on publicly.

 

[55Domains]

The most probable thing is that it was previously listed and now sold via fast transfer, if this is the case and a name can indeed change hands and then still be taken out by fast trasfer, then this is a MAJOR issue, as it allows someone to sell a domain for thousands, and seconds before doing so list it as fast trasfer, (for $200 or $500)... and once it is in the new owners account, purchase it and get it right back (and the money since they purchased it), if this is indeed the case that needs immediate attention by Afternic and @namesilo and IMMIDIATE FIXING.

The other somewhat more obvious question, what good does an email serve where you can reject a transfer, if it dosnt actually reject it when you do so...

 

[7363824]

So basically @namesilo are saying don’t make private purchases. Or if you do, it’s your responsibility to go through every platform and make sure it’s not listed for sale by the previous owner.

Not cool @namesilo not cool at all. Personally if I were you my next response to NS would be:

I did not authorize this transfer. I kept the domain lock on. I contacted you as soon as you sent the transfer auth email to block it. I never opted into fast transfer nor had I accepted its terms. This is your error and should you not get the domain returned within 72 hours I will proceed with legal action against you for being a party to domain name theft.

Something like that should hopefully get their attention. Sadly you my have to get an attorney to file court action to get it back if it's worth the cost to you. You definitely should file an ICANN complaint against namesilo if nothing else. In either case I suspect namesilo will be getting an influx of transfers out from namepros members after this, certainly by me at least.

 

[bmugford]

It appears the new owner of the .COM, owned the .NET before that.

I feel like this had to have been sold via some venue. That is my guess with what happened.

As far as the domain still being listed in your NameSilo account, that is a ghost record.
It is bad that the registrar doesn't know which actual domains it is holding.

The WHOIS record can verify it is currently @ Network Solutions.

Brad

 

[Blueforever]

I may be late (missed this interesting thread on Tuesday), but - what is the final outcome?

Did @namesilo find out what really happened?

On a spot view, the only likely thing so far is that the current registrant (Texas pest control) simply purchased it on Netsol (so, it could be either Sedo or Afternic distribution channels) with instant transfer. Why it had the listing with instant transfer enabled on both ends (NameSilo and Sedo/Afternic) is a mystery.

It also implies that somebody was (or will be) paid for this sale. @Blueforever - how did you become the owner of tokenize everything domain? Did you purchase it from somebody? Maybe this somebody was just paid for the 2nd time by Sedo or Afternic - are you able to contact this seller?

It has been established that my domain was sold via fast transfer, but so far @namesilo are being difficult. It assumed that the previous owner somehow still had received the authority the re-sell it again and receive the funds, (but how is it that I received the transfer out email and not a domain sold email as all contact info is to me)
I received this email from namesilo this morning which I’m not happy about.

“Outside sales that do not go through our platform can face issues like these. We would not know that you made a side deal with a seller.
Where are you seeing the domain still for sale? It would make sense for you to reach out to this company to let them know that you own the domain and that it should not be for sale. You should also let this same company know that the domain belonged to you and should not have been sold by them

To network solutions, the deal looks legitimate as a user came through the reseller and purchased the domain through fast transfer. The person you purchased this domain through privately will be responsible for helping resolve this issue”

 

[Nikhil Jain]

but how is it that I received the transfer out email and not a domain sold email as all contact info is to me

If truly the deal went through Afternic, you did not receive the domain sold email because the Afternic listing might have been of the previous owner. And you received the transfer out email because the contact details of the domain at Namesilo were yours.

I hope @Joe Styler can help out if it really went through Afternic.

 

[Chris Hydrick]

A few notes of detail:

The update date/time: 2019-11-18T18:25:43Z might be when it transferred to NetSol.

Also, note the new expiration date: 2021-11-01T21:29:18Z

Emphasis on 2021, supporting a narrative where the domain owner renewed the domain, extending the expiration to 2020, then the transfer to NetSol bumped the expiration up a year to 2021.

 

[Lox]

The IP pointing to Network Solution (ISP Defense.Net), mx1.netsolmail.net. This looks like a typical pharming DNS. Also ... check your Computer/s for malware, adware, viruses, and check your local host file for possible anomalies.

Windows
C:Windows/System32/drivers/etc
MacOS
1. open Terminal
2. In Terminal type: sudo nano /etc/hosts
3. and then hit return
4. Enter your admin password
5. You're now in the native text editor
6. Usually you'll find 127.0.0.1 localhost and/or 255.255.255.255 broadcast
7. If there's anything extra, copy and google for info.

Regards

 

[Nikhil Jain]

If i had done this im sure i would not have had this problem. Because i kept the name in namesilo, from the previous owner...it seems the glitch is that it doesn't detect the new owner and just transfers the name out.

Even with a push, if you had changed the contact details to yours, that ideally triggers Afternic to turn the listing's status to " In Review" instead of "Listed".

So if you did change the contacts, yet it sold through Afternic in reality, then this is something to be concerned about.

 

[tonyk2000]

this should not be our responsibility

If you are selling the domain on lets say Sedo, and somebody else has it listed on Afternic - then Netsol, Registercom and other partners of both networks may prefer to show the domain using Afternic channel. Yeah, they will not be able to deliver the domain if sold. Yeah, they will refund the buyer. A legitimate domain owner will have a lost sale then. He expected the distribution to all external Sedo partners, including Netsol. But, it did not work because of a false duplicate Afternic listing. Or vice versa - lost Afternic sale because of a duplicate Sedo listing.

So, not checking for conflicts may affect $$$ income of a legitimate owner.

Another scenario. You are not selling the domain at all, or asking a "modest" amount. Somebody else has your domain listed on Afternic or Sedo with a cosmic price. There is always a possibility for a domainer to receive UDRP, and the Complainant may try to use "for sale" (Afternic/Sedo and their partners) status against you. It happened before. The Respondent will then need to explain that he did not list the domain for sale at all.

There may be other negative scenarios. In fact, another negative and unexpected scenario is what this thread is about.

So... prevention is better than cure

 

[55Domains]

Given that this concerns a private user account, we will not disclose any sensitive details publicly but we are working with the registrant and the involved parties to resolve this matter. The domain owner can update you on the outcome and results if they wish.

But we did want to address the concerns around security post transfers and domain pushes - rest assured there are no issues with security on our end or working with our partners. This was a case where the domain listing on Afternic was mistakenly approved by the owner of the domain and that's what enabled the fast-transfer to occur once it was sold at Afternic.

That does not make sense, thanks for showing up and making a statement, however, admitting an error and making sure this cannot happen (Like Epik Stated, Not possible there.) is probably better then trying to cover it, the domain owner as reported did not authorize anything.

I would also like to invite @Joe Styler to coment on this case, to make sure this cannot happen at godaddy, once there is an account change, previous agreements are not further valid, i hope.

Users who buy hundreds/thousands of names each month/every few months, need to know that agreements someone else agreed to, dont just roll-over and that their name could sell at any moment, oh, and them not even getting paid for it.

 

[Blueforever]

Was the domain near expiry before you lose it? the backorder listing at snapnames suggest that the domain was about to expire

The name auto-renewed on 1st of november.
From what Bob showed, im thinking it was listed from the previous owner on snapnames, and never removed. This guy purchased it and namesilo just transferred out.

 

[Blueforever]

If that is the case, this is a massive issue.

@namesilo please look into this.

 

[Grand]

Someone else mentioned this but you never responded. Did you confirm that the email you received was from namesilo?

Being asked to quickly cancel the transfer, having to login to what looked like namesilo - that all seems like a classic phishing scam. The site you logged into might not have been the real one

 

[Bob Hawkes]

I hope, as well as this getting sorted out for your personal case @Blueforever, that we get clarification from registrar(s) if it is true that a name left listed for sale, which had a previous fast transfer agreement, can be sold this way it is of course a serious issue. I would think, if that is what happened, since you did not approve the fast transfer arrangement for this domain name that it should get reversed as they can't claim there was a legal agreement. Certainly hope it works out.

Bob

 

[tonyk2000]

Well, anything like this can be technically reversed. Including refunding the buyer and the domain being transferred back to NameSilo. As per ICANN 60 days no-transfer rule we frequently see in auth emails: "A domain name is within 60 days (or a lesser period to be determined) after being transferred (apart from being transferred back to the original Registrar in cases where both Registrars so agree and/or where a decision in the dispute resolution process so directs)". I see no reason why would netsol/namesilo/marketplace refuse to do this. Yeah, they might already pay the "seller" - which is the only issue here, but it should not prevent them from fixing the things. Also, who knows - maybe the party who was paid is a genuine domainer who simply forgot to remove the domain from the aftermarket platform, and he would be willing to return the funds. Or is already trying to return the funds... The question is - are we speaking about Sedo or Afternic?

I would also try find out the $$$ amout involved. Maybe it is something acceptable. I mean that an option to let this "Texas pest control" have the domain, and ask for $$$ to be paid to the right owner is something that should at least be considered. Of course with some extra bonus as a compensation for all the inconvinience.

 

[Blueforever]

@Blueforever Any updates to this? Did you find out how much it sold and if the payout was made?

Still waiting for an outcome. It has been confirmed that it was sold via fast transfer through afternic. No idea on sale price, but yes payment was made and went to previous owners afternic account. I wrote to the previous owner a few days ago but stil no reply. @namesilo have been responsive and are working with afternic to get my name back. Thanks

 

[Abdullah Abdullah]

@Abdullah Abdullah can your confirm with Epik if you deauthorize fast transfer/mls on account change so this wouldn't happen with Epik?

Yes, this would not happen at all at Epik.
Also, with MaxLock on the account you can block all MLS authorizations as confirmed also with our CEO @Rob Monster

 

[Internet.Domains]

This is an eye opening situation. To call it "very scary" may not do it justice. I sincerely hope all parties involved do the right thing and return the domain.

 

[Ostrados]

Yes, it seems this was the issue @Jona4s
after siphoning through my emails i found that in May this year i received this email, i didn't understand it and overlooked it as i didn't list the domain at afternic.

I must have clicked the first link not understanding that my domain was being listed with a price. (it seems that when you click the link, your domain is automatically listed without anything else to do.) But how is it that someone else can list my domain name even though i had owned it for 4 months. How can they link it to their afternic account and list prices etc also receiving the payment. This is obviously a flaw in the system

It is clear this is theft attempt not honest mistake, some scammer listed the domain at Afternic, then you accepted.. after that he might set the domain at $20 BIN then buy it himself from Network Solution and get the domain in his account for free!

That is very possible scenario if true then it is huge loophole in Afternic system anyone can do trial and error and list hundreds of domains, some non zero percentage my click Afternic approval email by mistake as @Blueforever did, then scammer will easily steal those domains that were added to his Afternic account.

We are summoning @Joe Styler to shed light on this loophole