Domain theft from godaddy account...

[highnfar]

I don't know how... but my godaddy account has been hacked on the last Friday. The fk hacker transferred 3 of my domains into another godaddy account. He also changed the registrant for one domain and list the domain name onto bodis.com for sale....

I did get email notifications few minutes after the domain transfers, but I was driving at that time, so only read the emails and recognized the issue two hours later. Then I called godaddy customer service twice. The reps can only check the transfer history, can't do anything else, but asked me to send email requests to [email protected]. For the two domains that I am still listed as the registrant, they asked me to fill out the Change of Account/Email Update Request form.

I sent email as instructed, after 3 days long waiting.... they finally replied me today, but asked me two stupid questions. 1) Your association with this registrant. (The hacker...) 2) Any additional information you may have regarding how the current registrant was able to obtain control of the domain name. (God knows...) WTF, I don't know the person, I don't know how he possibly hacked into my account...

I replied undo with all the information I have. It's another 5 hours passed, no further update from them... Hopefully the two domains that I am still listed as the registrant have been retrieved back into my account.

Anyone here exprienced similiar issues before? Any suggestion what should I do to get the domain back asap? Thanks a lot!

 

[Biggie]

did you get an email from Godaddy recently, relating to ICANN notification:

ie:

Subject: Important ICANN Notice Regarding Your Domain Name(s)

****************************** ***********
Important ICANN Notice Regarding Your Domain Name(s)



Dear User,


it is that time of year again. ICANN(the Internet Corporation for
Assigned Names and Numbers) annually requires that all accredited
registrars (like GoDaddy.com) ask their domain
administrators/registrants to review domain name contact data, and make
any changes necessary to ensure accuracy. According to our records you
are the ADMINISTRATIVE CONTACT for one or more domains registered at
GoDaddy.com, Inc. as of May 1st, 2010.

To review/update your Account data, simply:

+ Login to https://dcc.godaddy.com/ default.aspx?isc=ICANN0908a&
amp;ci=8987

+ You will be taken to a landing page and asked to enter your account
information

Please take a look that your account and domain information is up to
date.

if so, and you clicked on the link....then that's how your account could have been compromised


imo..

 

[Theo]

Hopefully the thief is from a remote locale that would prove he's not the usual user, per their IP. PM me the domains to investigate further.

 

[URLtrader]

Godaddy has an optional security feature called DTVS (Domain Transfer Validation Service) . Once you activate it, a representative from godaddy will call you on a pre specified number (best would be your cellphone) and ask for a PIN. This call is recorded. Once you give the PIN and he puts into his computer he gets to see the domain being transferred to another account/registrar. Then he reads the domain name to you and asks if you are transferring it. Once you confirm, the transfer goes ahead.

I am using it for several years and find it very useful. May be you can try it.

 

[Mr.Domains]

Sorry man, I know how bad that feels. I was a small-time trader, mostly buying under $70-80 domains. I decided I wanted one "good" name for my portfolio, so I saved up over a grand and spent the whole lot on 1 LLL.net domain. A couple of months later someone stole it from my GoDaddy account, flipped it a couple of times, and it ended up being legitimately purchase by another DNF member here. Needless to say, GoDaddy could do nothing, I'm down a grand, and someone else now owns my domain... :-(

 

[angel69]

The DTVS mentioned by URLTrader is great, the phone # you give the rep (remember, you cannot get this service unless your acct is at least Premium Gold, many great customers were dropped out of the previous Premier program in Jan 2013, requirements are tougher to qualify now) is not stored as part of your NoDaddy profile, I guess it's literally handwritten by your rep and cannot be accessed by anybody else even in the Premier dept (I could be wrong about this these days but when your rep isn't there you can expect some delays, not even the supervisor will handle it sometimes...) It is a bit of a hassle if you need the transfer out of YoDaddy right away and the rep can't reach you or it's he who isn't there, keep that in mind. Heavy traders often opt out of this service cuz it may limit your activity and buyers might get pissed at you when delays happen

What hasn't been mentioned and both HighnFar and Mr.Domains can have now (any customer qualifies) is the double-authentication at sign in, where MoDaddy texts a code to your smartphone and you just can't get into your acct w/o it. It makes your acct much, much safer (if not foolproof) and it's equivalent to the sec questions you have to answer at Fabulous (which Moniker also has but charges a lot of), or the VeriSign code generated when you log in to places like eBay, PayPal, Name.com, etc (you pay w/those people but it's only a one-time fee)

But.... thieves are almost always a step ahead of domainers, so a resourceful hacker won't be stopped. And I find it amazing that in 2013 you still have plenty of instances where domains are stolen from Go Daddy accts and then victims are told "get over it", "it's your fault/you should've been more careful" or "move on" (A polite fukc off, we don't need your biz from good old GD in other words....)

out:

 

[frankburns]

dtvs is the way to go. best security I can think of