My godaddy account got hacked! Stolen names on the market! Beware

[Tim Schoon]

Today my GoDaddy account got hacked, and all of my names transferred out.

....

I'll see if I can find a full list and post it here. There are many LLLL.coms and other short names in the lot - around 200 names total.

Please check whois updates before you buy anything and report the seller to me if it is suspicious.

---------- Post added at 02:27 PM ---------- Previous post was at 02:23 PM ----------

The thief is selling them on Digitalpoint as 'James.Blant' and possible other places.

 

[nguyenjustin]

can't you call up godaddy and ask them to secure the account back into your name? I am pretty sure that if you provide proof they can get it back for you within minutes or block outgoing transfer or push until the case is resolve

 

[Tim Schoon]

...

 

[Namebrander]

Best of luck sorting this out !

the thief seems to be using this info on the whois

gal, pay [email protected]
wooster
wooster, FL 40059
United States
+1.4057774075 Fax --

---------- Post added at 01:56 PM ---------- Previous post was at 01:53 PM ----------

and this too

Luo, Steve [email protected]
10605 Prezia Dr
Austin, TX 78733
United States
+1.5103294099 Fax --


Did you get him blocked from selling them at dp?

 

[ecomindia]

contact all the platforms selling domains - sedo, afternic, snap, tdnam, pool, bargain ,... alll possible channels...
just quickly draft a mail, mentoning all domains, with good verification proof attached to, and circulate...

 

[DomainsInc]

christ that sucks

- never save passwords on the pc (yeah its easier but you pay for it in the end)
- make sure you use a third party firewall (windows firewall isn't good enough)
- make your pass difficult and change at least every 90 days.

 

[Tim Schoon]

Scanned my pc several times and absolutely nothing pops up. Will be doing a full reinstall to be sure. Bah.

It's a bit personal probably, which gives me a good lead. He changed my GD username to: 'nameprosidiotmoderator'

 

[Biggie]

It's a bit personal probably, which gives me a good lead. He changed my GD username to: 'nameprosidiotmoderator'

not funny but ...lol

my advice for the future, get out of godaddy

 

[Tim Schoon]

Found out what happened... Fake ICANN update email. Geez they are good fakes..

The link is masked and leaded to GobDaddy instead.

****************************** ***********
Important ICANN Notice Regarding Your Domain Name(s)
****************************** ***********

Dear User,

it is that time of year again. ICANN(the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars (like GoDaddy.com) ask their domain administrators/registrants to review domain name contact data, and make any changes necessary to ensure accuracy. According to our records you are the ADMINISTRATIVE CONTACT for one or more domains registered at GoDaddy.com, Inc. as of May 1st, 2010.

To review/update your Account data, simply:
+ Login to https://dcc.godaddy.com/ default.aspx?isc=ICANN0908a& amp;ci=8987
+ You will be taken to a landing page and asked to enter your account information
Please take a look that your account and domain information is up to date.

If, however, your domain contact information is inaccurate, you must correct it. (Under ICANN rules and the terms of your registration agreement, providing false contact information can be grounds for domain name cancellation.) To review the ICANN policy, visit:http://www.icann.org/ whois/wdrp-registrant-faq.htm

Should you have any questions, please email us at [email protected] or call our customer support line at (480) 505-8877.

Thanks for your attention and thank you for being a GoDaddy.com, Inc. customer.

Sincerely,
GoDaddy.com, Inc. Domain Support


If you are the domain administrator of more than one GoDaddy.com domain account, you may receive this notice multiple times.

DO NOT CLICK THESE EMAILS

 

[exxe]

The link is masked and leaded to GobDaddy instead.

Tell Goddady to disable that domain.

 

[Biggie]

Found out what happened... Fake ICANN update email. Geez they are good fakes..

The link is masked and leaded to GobDaddy instead.

****************************** ***********
Important ICANN Notice Regarding Your Domain Name(s)
****************************** ***********

Dear User,

it is that time of year again. ICANN(the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars (like GoDaddy.com) ask their domain administrators/registrants to review domain name contact data, and make any changes necessary to ensure accuracy. According to our records you are the ADMINISTRATIVE CONTACT for one or more domains registered at GoDaddy.com, Inc. as of May 1st, 2010.

To review/update your Account data, simply:
+ Login to https://dcc.godaddy.com/ default.aspx?isc=ICANN0908a& amp;ci=8987
+ You will be taken to a landing page and asked to enter your account information
Please take a look that your account and domain information is up to date.

If, however, your domain contact information is inaccurate, you must correct it. (Under ICANN rules and the terms of your registration agreement, providing false contact information can be grounds for domain name cancellation.) To review the ICANN policy, visit:http://www.icann.org/ whois/wdrp-registrant-faq.htm

Should you have any questions, please email us at [email protected] or call our customer support line at (480) 505-8877.

Thanks for your attention and thank you for being a GoDaddy.com, Inc. customer.

Sincerely,
GoDaddy.com, Inc. Domain Support


If you are the domain administrator of more than one GoDaddy.com domain account, you may receive this notice multiple times.

DO NOT CLICK THESE EMAILS

i made a post about that today



and sent copy to gd and singlehop.net, which is where ip points to

 

[Spex]

Damn, hope it gets settled fast before these names get sold and resold

Can (or has) GoDaddy do (or done) anything about these spoofed domains and fraudulent emails other than have the domains disabled?

 

[-ET-]

Thanks for the heads up on the GoDaddy mail phishing page. Just checked all the mails i got.

 

[silentg]

I just checked my inbox and got 2 of these emails.

dcc.GoDaddy.com has been suspended

 

[cmason]

I received the same message on December 17, but instead of GobDaddy it was GoDaoddy. Thankfully a DomainGang post I had read just moments prior clued me in. I was always careful about email links before, but now it's more important than ever despite the number of REAL ICANN noticed GoDaddy sends out.

 

[DomainShane]

It's not relevant news until it's on Domain Name Wire or The Domains.

 

[frankburns]

thx for the heads up

 

[Theo]

It's not relevant news until it's on Domain Name Wire or The Domains.

It's actually old news - just like about the GoDaddy/DomainTools snafu. Nobody beats DomainGang. Heck, I'd post the Moniker employee's name if I wanted to but I'm saving them the embarassment.

 

[james2002]

I have locked my account at Godaddy so that each time the domain to be pushed or transfer, my godaddy account exec calls me to verify via a password (different one just for this purpose). That's much safer.

 

[Tim Schoon]

I have locked my account at Godaddy so that each time the domain to be pushed or transfer, my godaddy account exec calls me to verify via a password (different one just for this purpose). That's much safer.

Will do the same. I have to say GD employees know how to deal with this. They must have done it a million times before...
I've heard the same guy offered someone many LLL.net's aswell. I don't have any in my GD account so he must have stolen them from someone else.