advice What’s happened to my domain?

[Blueforever]

Yesterday (November 18th) I received an email from namesilo that my domain name (TokenizeEverything.com) was to be transferred out to another registrar, there was also an option to cancel if i follow the URL which I quickly did.

I logged into my account to find the name missing. I spoke to support who had said that ‘When you cancelled the transfer it was deactivated’ although they reinstated the name to my account which I can see is there and thought that was the end of it.
A few hours later I check the domain to find it has a different landing page. Wtf!
Go to Whois to find it’s under a network solutions registry owned by a guy named David shoop jr. Fb profile https://m.facebook.com/DavidShoopJr

I log into my namesilo account, and there it is. The name is still in my account.

I try to make changes, nameservers, make Whois private, but none of it works. It’s like the domain is only there in text but it’s not in my account as I have no control on it, if that makes sense.
I spoke to namesilo, they have given me no answers except their IT people are looking into it.
Now I see this guy has added a WordPress site to my domain name. Whats odd, is when looking at the login history, there is no unusual login to my account.
Any thoughts on what is going on? Has my name been stolen? If it has why show your full name on Whois? Or is this a glitch on namesilos end?

 

[Abdullah Abdullah]

We have been explicitly told by lots of Afternic users, some on this forum on other threads that they do not want to do that. We are probably moving to some form of that at some point but many customers have told us that various registrars they use do not make it easy to update the DNS or update the DNS in bulk to add txt records and with lots of listings to add this would mean they would no longer list with us.

I understand your position but there is an equally valid position, which is, don't randomly click approvals on links in your emails it is not a good habit because this could be done for a lot of things like someone resetting your password to a financial institution etc.

I think randomly trying to send people links to click would fall under fraud in which case we can unwind sales as I have previously stated. We are also regulated by various bodies as well as in compliance with courts of competent jurisdiction etc. We also can and do as warranted work with law enforcement bodies throughout the world. Stealing people's domains is not without its problems for the perpetrators. We have other steps in place as well to combat things of this nature which I do not wish to comment on publicly.

Assuming the registrant does not click on any links in emails he is not aware of, here is what I believe might be an issue. Lets suppose I bought a name that has been approved for fast transfer sale, and which is listed on Afternic by the previous owner , who happens to be the one who approved the Fast Transfer before I bought the domain. What happens if it gets sold on Afternic? Of course it will.be removed from my account wihout my knowledge. I believe this is the loophole which can be exploited by scammers.

If a push or transfer takes place, I.believe Afternic should void the previous Fast Transfer approval and request a new one from the new owner. If the new registrant then simply approves without checking if he or she listed the name or not, then it will fall on him/her. This can also affect even handregs.

 

[tonyk2000]

Assuming that @Blueforever indeed mistakenly approved instant transfer setup for a whois-privacy protected domain, we are definitely not speaking about a theft attempt. Nor there is any wrongdoing on NameSilo / Afternic end. Who knows, maybe the domain owners has >1 registrar accounts or >1 afternic accounts, and/or authorized somebody else to sell the domain on their behalf (including through Afternic) - either should be OK from Afternic and Namesilo point of view. The second human error is of previous owner - they could not realistically expect to sell something they no more own, so I'd classify their submission as another error in this story. Good that @namesilo and Godaddy @Joe Styler are working to "correct" this unfortunate combination of 2 errors

 

[Gube]

Was the name sold on Afternic ?
You should have received an email about it..
The transfer was approved directly, Except if someone gained access to your Namesilo account/email, I don't see how the transfer was approved.

Gube

 

[Gube]

Nope, the name wasnt for sale at Afternic, the only email i recieved was the namesilo one saying the name is about to be transferred out, which i cancelled straight away. The whole thing is odd

@namesilo should be able to help
Check your logs to see if the transfer was approved
Also, Change your password for both your Namesilo account and your email account (to be sure)
If the domain wasn't on Afternic nor Sedo, someone gained access to your account and
- Unlocked the name
- Took the auth code to a new registrar
- Approved the transfer from Namesilo

 

[bmugford]

Was the domain near expiry before you lose it? the backorder listing at snapnames suggest that the domain was about to expire

Maybe that is the case. On DomainIQ I see a record on 11/2/2019 that shows

Registrar URL: http://www.namesilo.com
Updated Date: 2018-11-02T03:11:09Z
Creation Date: 2018-11-01T21:29:18Z
Registry Expiry Date: 2019-11-01T21:29:18Z

 

[golan]

I start worrying. @namesilo ?

@Blueforever Wish you the best resolving of this issue.

 

[Silentptnr]

Just one possibility?

I noticed that there are two similar names registered.

TokenizeEverything.com (registered 11/1/2018)
Tokenizeverything.com (registered 3/4/2018)

Are you sure of which one is yours? Those double "e"s can be confusing.

 

[Chris Hydrick]

Just one possibility?

I noticed that there are two similar names registered.

TokenizeEverything.com (registered 11/1/2018)
Tokenizeverything.com (registered 3/4/2018)

Are you sure of which one is yours? Those double "e"s can be confusing.

OP's screenshot email receipt from NameSilo shows TokenizeEverything (EE)

 

[bulkdomainz]

The most probable thing is that it was previously listed and now sold via fast transfer, if this is the case and a name can indeed change hands and then still be taken out by fast trasfer, then this is a MAJOR issue, as it allows someone to sell a domain for thousands, and seconds before doing so list it as fast trasfer, (for $200 or $500)... and once it is in the new owners account, purchase it and get it right back (and the money since they purchased it), if this is indeed the case that needs immediate attention by Afternic and @namesilo and IMMIDIATE FIXING.

The other somewhat more obvious question, what good does an email serve where you can reject a transfer, if it dosnt actually reject it when you do so...

I always realised the risk associated with the 'fast transfer' scenario, and as such never put my domains under that risk.

When anyone purchases my domain, I wanna be the one to click 'authorize the transfer', and savor ☺ the moment. Not giving that pleasure to anyone else. I don't want to wake up one day to find system error at Afternic reduced my domain price from $2k to $2 and its been sold and transferred while I was in bed, and I now owe Afternic a $200 commission. Nah nah nah thanks.

 

[Jona4s]

I'm getting a little nervous just by reading this thread to be honest. What if this were to happen to one of your domains.

 

[Ostrados]

I'm getting a little nervous just by reading this thread to be honest. What if this were to happen to one of your domains.

Add all your domains to Afternic and Sedo and if some of them are listed contact their support and tell them to remove the names..
this is the only way to be 100% safe

 

[tonyk2000]

I may be late (missed this interesting thread on Tuesday), but - what is the final outcome?

Did @namesilo find out what really happened?

On a spot view, the only likely thing so far is that the current registrant (Texas pest control) simply purchased it on Netsol (so, it could be either Sedo or Afternic distribution channels) with instant transfer. Why it had the listing with instant transfer enabled on both ends (NameSilo and Sedo/Afternic) is a mystery.

It also implies that somebody was (or will be) paid for this sale. @Blueforever - how did you become the owner of tokenize everything domain? Did you purchase it from somebody? Maybe this somebody was just paid for the 2nd time by Sedo or Afternic - are you able to contact this seller?

 

[NicTraders]

It looks like a mistake to me not theft. It doesn't seem like anyone planned to steal the domain.

Correct, but it seems that it's a mistake which has only been enabled by inadequate systems at NameSilo / Afternic (and I wonder how many other registrars)?... A concern for sure.

 

[Blueforever]

I remember I once received an unsolicited listing on Afternic in my email:

You are receiving this email as a result of the Afternic listing process being invoked through an Afternic account, on the following domain(s):

• xxxxx.com

A listing on these domain(s) has just been attempted.

I obviously didn't click the link to accept the listing, as I didn't request any listing, someone who didn't own my domain apparently tried listing it. I wonder if that was the case with the OP, as namesilo says he mistakenly approved a listing.

Yes, it seems this was the issue @Jona4s
after siphoning through my emails i found that in May this year i received this email, i didn't understand it and overlooked it as i didn't list the domain at afternic.

I must have clicked the first link not understanding that my domain was being listed with a price. (it seems that when you click the link, your domain is automatically listed without anything else to do.) But how is it that someone else can list my domain name even though i had owned it for 4 months. How can they link it to their afternic account and list prices etc also receiving the payment. This is obviously a flaw in the system

 

[Ostrados]

I know it did sell via Afternic, but I do not know all the details beyond the fact that Afternic is working with Namesilo to see what happened. It appears to me from what I have seen that the OP approved the listing via an email from Namesilo. We have a pretty robust verification system in place. I believe this name was under privacy on the WHOIS, regardless we ask the registrar if the name can be listed, they in turn contact the registrant who has to approve the listing.
We did not pay anyone on the sale as far as I know because it is being investigated. I did not comment last week because I did not have all the facts. Some of them were logs only Namesilo has access to, ie what customer was asked to opt in to transfer the domain, who actually did do that, etc. I still do not know all the facts as there is still an investigation. I do not think there is a security loophole as you as the registrant of the domain have to confirm that you want to sell the domain with us via your registrar before we can list your domain as a fast transfer sale - meaning a sale that would move the domain away from your account after it sold.
There are ways to unwind this if there is theft or fraud etc. We will have to wait and see all the facts in this sale to determine the outcome. I do not have them yet.

The loophole is this:

anyone can do trial and error and list hundreds of domains, some non zero percentage may click Afternic approval email by mistake

The solution is to use text record verification as you do in Godaddy auction listings.

 

[Ja Kai]

Yesterday (November 18th) I received an email from namesilo that my domain name (TokenizeEverything.com) was to be transferred out to another registrar, there was also an option to cancel if i follow the URL which I quickly did.

I logged into my account to find the name missing. I spoke to support who had said that ‘When you cancelled the transfer it was deactivated’ although they reinstated the name to my account which I can see is there and thought that was the end of it.
A few hours later I check the domain to find it has a different landing page. Wtf!
Go to Whois to find it’s under a network solutions registry owned by a guy named David shoop jr. Fb profile https://m.facebook.com/DavidShoopJr

I log into my namesilo account, and there it is. The name is still in my account.

I try to make changes, nameservers, make Whois private, but none of it works. It’s like the domain is only there in text but it’s not in my account as I have no control on it, if that makes sense.
I spoke to namesilo, they have given me no answers except their IT people are looking into it.
Now I see this guy has added a WordPress site to my domain name. Whats odd, is when looking at the login history, there is no unusual login to my account.
Any thoughts on what is going on? Has my name been stolen? If it has why show your full name on Whois? Or is this a glitch on namesilos end?

With namesilo (like many others) the domain can't leave your account without a forced transfer.

I know it did sell via Afternic, but I do not know all the details beyond the fact that Afternic is working with Namesilo to see what happened. It appears to me from what I have seen that the OP approved the listing via an email from Namesilo. We have a pretty robust verification system in place. I believe this name was under privacy on the WHOIS, regardless we ask the registrar if the name can be listed, they in turn contact the registrant who has to approve the listing.
We did not pay anyone on the sale as far as I know because it is being investigated. I did not comment last week because I did not have all the facts. Some of them were logs only Namesilo has access to, ie what customer was asked to opt in to transfer the domain, who actually did do that, etc. I still do not know all the facts as there is still an investigation. I do not think there is a security loophole as you as the registrant of the domain have to confirm that you want to sell the domain with us via your registrar before we can list your domain as a fast transfer sale - meaning a sale that would move the domain away from your account after it sold.
There are ways to unwind this if there is theft or fraud etc. We will have to wait and see all the facts in this sale to determine the outcome. I do not have them yet.

What Godaddy/Afternic users would like to hear, is not all the nonsense about systems, processes, and how the Afternic/Godaddy customer should not be making the mistake of clicking on the wrong email activation. IT IS GODADDY/AFTERNIC's responsibility to insure that a domain does not leave someones account - without them having intent to facilitate the sale. YOU, Joe, should have systems in place to protect the customer - it just shouldn't be the way it currently is.

Blaming people for authorizing emails that are received by them, from afternic - or afternic partners - is BS. HOW ABOUT matching up the email for verification to the email of the account that sold the domain - If they don't match up, keep the sale "pending" until you figure out what went awry.

Joe, stop blaming the consumer. The onus is YOURS - it's your system.

For once, it would be nice to hear, "yeah, we made a mistake. it shouldn't be this way. We will make it right".

 

[Ja Kai]

I understand your position but there is an equally valid position, which is, don't randomly click approvals on links in your emails it is not a good habit because this could be done for a lot of things like someone resetting your password to a financial institution etc.

That might be true in the US but it's not true in the UK. This would be a civil matter and nothing to do with the criminal courts. Isn't that also the case in the US. Blueforever would win a case like this but I still don't think it's theft. To prove theft you have to show there was an intention to steal it from the outset. That is different to what happened here. To be clear, I think Namesilo are in the wrong here and look very incompetent, but I still don't think it's theft.

This appears not to be theft. Rather, a clusterf*ck of godaddy/afternic programming. Godaddy always blames the customer.

 

[Ja Kai]

Here is what @JoeStyler and Godaddy want to keep from the public.

When HugeDomains and other big companies input their domains, there is a reduced authentication process. They can actually list a name, that you have already listed, and that name will be removed from your afternic listings and entered into the BIG company's afternic portfolio. At the time this occurs, the domain is ALREADY opted-in and will fast transfer when sold - without the original owner even knowing - until the transfer has already occurred (that is if they read the email from the registrar that was holding the domain).

 

[Ja Kai]

1) You said this

This is contrary to what @Joe Styler said. I wish he would clarify, instead of towing the godaddy line - "yeah, someone ELSE must have done something wrong, like click on an email they were not supposed to click on".

WHAT ABOUT godaddy not sending emails to people when the target email doesn't match the afternic account used to market the domain?

Can you imagine - Bank of America saying, "we sent you the wrong email, and when you clicked on it, we credited this random person's account $500 - Be careful next time when we send you emails we should not have sent".... REALLY? Is this what this has come to?

 

[Abdullah Abdullah]

Nothing as yet. Was told by afternic support to wait till after thanksgiving as offices will be closed. Have written to both namesilo and afternic. Just waiting for a reply.

Please keep the community updated with how it goes. Thanks.

 

[7363824]

there's more to this story. something seems fishy. people have not learned only use go daddy,namecheap. why namesilo

The real question is why would you recommend godaddy. That's who non technical end users who dont know better use. There support is a nightmare, unless perhaps you spend so much they give you an account rep but I still dont think it's worth it then. But to each their own...

 

[Bob Hawkes]

Maybe I missed it but as someone else asked is it possible you had approved rapid transfer with Sedo or Afternic and it sold but you did not get the message? I hope it gets resolved.
Bob

 

[Bob Hawkes]

*****IMPORTANT*****

Your name is currently listed on SnapNames - if that is not you contact them or make sure that they cannot access the name

 

[Abdullah Abdullah]

The most probable thing is that it was previously listed and now sold via fast transfer, if this is the case and a name can indeed change hands and then still be taken out by fast trasfer, then this is a MAJOR issue, as it allows someone to sell a domain for thousands, and seconds before doing so list it as fast trasfer, (for $200 or $500)... and once it is in the new owners account, purchase it and get it right back (and the money since they purchased it), if this is indeed the case that needs immediate attention by Afternic and @namesilo and IMMIDIATE FIXING.

The other somewhat more obvious question, what good does an email serve where you can reject a transfer, if it dosnt actually reject it when you do so...

Great scenario !, Huge issue.