Via NamePros, DomainBits, and DNForum:
“Over 1,000 high quality domains have been stolen by a thief in Iran. He has brazenly set up a website to sell the domains - LuxaryDomains.com. As well, he is sending out lots of emails to domainers informing them of the domains he has available. Here is a partial list of domains stolen:
Problems.com
Mistake.com
Enroll.com
Damaged.com
Statement.com
Evaluate.com
UnClear.com….”
This reminds me of two instances where we tried to help victims of domain theft and it turned out to be extremely lucrative for us. In both those instances we were able to pick up extremely high value domains from the rightful owners (one is solid seven figures in today’s market, the other is solid six figures US$) for pennies on the dollar. Not only you are helping to stop thieves who may target your own properties later, doing the right thing is simply a good Karma.
And for the domains above, preventive measures would have saved the owner this headache, situation. If those domain names were on Moniker or Fabulous on highest security settings this mess could have easily been avoided. While mainstream domain owners, those who own a couple of domains, do not know any better, you, the domain professional, should never doubt the importance of protecting your domain names. If this is not a wake-up call to all those who pay no attention to where their valuables are, I don’t know what is.
In comments area, Monte of Moniker adds:
Sahar - we stopped this guy dead in his tracks trying to steal names in 2 accounts in Moniker when he spoofed email addresses. Very few registrars can prevent theft if the hijacker has email access…but with our new Maxlock, it is impossible for them to transfer or push names even if they have account access.
This guy hijacks hotmail, yahoo, msn, gmail email accounts then sends passwords and access to himself through lost password retreivals to get access.
he moved several names to Moniker that he stole from NSI, Enom, Register.com and Godaddy. We have worked with the security teams at each of those registrars to provide them all the documentation along with the thief’s picture id’s that he uses, ip’s he accesses, etc. We are helping our competitive registrar partners to be more secure and working together where ever we can on this issue to help domainers keep their domains safe and secure.
Thank you for posting this!
Thanks for the update Monte,
Sahar
This has been a wake up call to myself - I have personally had contacted with this scum!
I was trying to pitch a name to him and he asked me to sell his domain instead!
This is a big worry for myself - I hope that my domains are secure with GD but Im thinking of moving to Moniker for that extra bit of security.
Also on a personal note someone cloned my bank card and attempted to use it in CANADA last week! - SCUM BAGS ALSO!
Lets oust these fraudsters and get them sent to jail!
Regards,
Robbie
I believe the same guy hacked into our netsol and GD accounts and tried to steal 90.com and 64.com from us. We fortunately managed to stop him. I have to praise netsol and godaddy for their help on this issue, their support was superb.
How did he do it?
and who were the previous owners that owned them?
The bad thing is some people will not suspect that domains are stolen and will end buying thinking they are getting a good deal.
Sahar - we stopped this guy dead in his tracks trying to steal names in 2 accounts in Moniker when he spoofed email addresses. Very few registrars can prevent theft if the hijacker has email access…but with our new Maxlock, it is impossible for them to transfer or push names even if they have account access.
This guy hijacks hotmail, yahoo, msn, gmail email accounts then sends passwords and access to himself through lost password retreivals to get access.
he moved several names to Moniker that he stole from NSI, Enom, Register.com and Godaddy. We have worked with the security teams at each of those registrars to provide them all the documentation along with the thief’s picture id’s that he uses, ip’s he accesses, etc. We are helping our competitive registrar partners to be more secure and working together where ever we can on this issue to help domainers keep their domains safe and secure.
Thank you for posting this!
He’s been at it a while (a couple years at least) and is very good at stealing domains. I’ve even seen him try to recover a root password to a dedicated server so he could get at the email hosted there.
it is unfortunate but there is no way around having a domain monitoring service working for you at all times. I know many of us use domaintools but I think it’s important to impress this upon those who have held domains for a long time and not paid a great deal of attention to their product. It is great that we are now being reactive to these scum. Now let’s get proactive and stop theft altogether.
ICANN is the root of a lot of problems. We have stated many times that ICANN refuses to protect the rights of current lease holders.
This is a blatant neglect of fiduciary rights of all current lease holders. The truth of the matter is registrars will sell you a lease ,but they accept no fiduciary responsibility that you will keep the lease till expiration. This is why in all the hyjacking of leases by Kentucky-and contless others ICANN has been completely SILENT, as if lease holders have no rights. Is this a problem? As Sarah Palin says ” You BETCHA “
Sahar,
You are to be commended on your decision to post my comments on ICANN. Other sites that I posted this comment on chose to block the post. It is an example of how controlled the domainer community is by the fear of telling the TRUTH.
ICANN is no more than a corporate shill for the corporations who want our Addresses. You all still think the wild West days of domaining are past? We have news for you THINK AGAIN !
Talking about stealing domain names, a topic that I think needs more attention is domain privacy. When anyone can look up the information of an owner of the domain name and the governing bodies insist this information is kept accurate it leads to serious, serious problems for the owner which can result in destroyed lives and even death. Before some of you laugh at what I’m saying I’ll explain myself a little better.
Here is just one example of what I am talking about and it is based on a client I had that payed me tens of thousands of dollars to handle damage control. I’ll change the details of this particular incident to protect the individuals.
Say you own the domain name PetFoodStoreMarket.com and decide to do thousands of dollars worth of advertising. Say someone has a beef with your company and buys the domain name ScamCompanyReportDocument.com posting lies about your company showing the WhoIs information along with a bunch of other companies.
Anyone that does a Google search using:
The PetFoodStoreMarket.com domain name
The PetFoodStoreMarket.com owner
The PetFoodStoreMarket.com owners home address
The PetFoodStoreMarket.com owners telephone number
etc.
will see instantly a Google SERP pop up, usually at the top of the list, with the title ScamCompanyReport.com. When they read it it will say that your company should not be trusted since many pets were poisoned and the owner is being investigated by police.
What can the owner do about this? He has invested money in building and advertising his company like most web projects do. If they contact the owner of ScamCompanyReportDocument.com, the owner will tell you that he can’t remove the information and that everything he is saying is true. Your really cornered into paying him off financially to remove the information since the damage it is doing is ruining your life day by day.
If you apply for a job most companies will do a Google search, if you go on a date most people will do a Google search, if you call a friend and they don’t recognize the telephone number often the friend will do a search. The domain you bought is useless, no one will buy from the store if they do any research.
If you contact a lawyer the first thing he will do is tell you it will take at least $10,000 to start to go after the individual and there is no guarantee that the individual will have any money that can be returned if you sue him.
What happens to most companies that fall in this trap? They end up closing down the website and what additional damage does this do? When the remaining client base (customers that hasn’t seen or realized the fake news) types the domain into their browser and finds a dead page, they then think they made a mistake in the domain name. This once again leads to a Google search for PetFoodStoreMarket.com which brings up the ScamCompanyReportDocument.com page.
The ScamCompanyReportDocument.com page gets the additional attention and hits pushing it higher in the search engines causing more damage to companies that are listed on the site. These guys that run these sites are the worst scum on the internet and it really is unknown how much money they extort from the people they victimize.
CIRA .ca domain names has already made some steps in the right direction to automatically protect whois information when a domain name is bought. Paying for privacy on domain names is a cash grab from registrars. There are many people who spend a lot of time looking up the WhoIs information of good domain names and report false information in the hopes that they can grab the domain when it gets pulled from the owner. Many people are just trying to protect their information without being ripped off paying for privacy. Besides privacy isn’t really privacy, the guy that had the Scam site above looked up the historical whois which had all of the previous owners and changes to the whois data.
With domain names selling for thousands even millions of dollars how long will it be before we start to see murders happening because of the whois information? If a domain is in a will or a competitor wants control of domain or to bring down a company?
What do you guys think about this topic?