REX.COM - Stolen Domain Name

[raoul]

4stt.bizadeydee.comadrpainting.comadvicedivadepot.comandiespencer.comandiespencer.usandrea-leigh.comandreabonoldirealtor.comandreahickeylandman.comandreamarins.comandreamaruska.comandreapennington.comandreapennington.netandreaspencer.comapplecoretherapy.comarbonnediscounts.comarbonneforever.comathomeopporunity.comaustinindiebride.comaustinletterpress.comaw-some.comawc-designs.combabycharming.combarclaysbanking.orgbathtimestoriesforgirls.comburgesshistorical.comcancer-animals.orgcharmingpress.comchasischikala.comdampandrea.comdrpennington.netemtexrealty.comfreecashdepot.infofzroadandrace.co.ukgethitchedaustin.comgetsmartpaydayloan.comgirlhero.orghome-employment-news.comhopskipshop.comkarligova.comladanu.comlawfortworth.comlawyerdfw.comnationalnetworkloan.comno-fax-cash-today.comoriginalmuggle.compacificpatios.com.aupartiesbyandrea.compassionpartiesbyandrea.compayday-setup-loan.compenningtoninstitute.compenningtoninstitute.netpenningtonplan.comproject-people-search.compursesbyandrea.comrex.comshoot2frame.comtailoredresources.comtattooflavor.comthenofaxpayday.comusnetworkpayday.comvermilionlullaby.comvideo-optin-templates.comwhitepineapplepress.comwinebyandrea.comwinepartiesbyandrea.comwinetastingsbyandrea.comwork-at-home-office.com

 

[Stian]

Ok, its 11:50 and I just emailed GD and already heard back from them. REX.COM is now back in my new GD account, Thank God! (and Horray for Godaddy!!) I had to change my nameservers and a couple of other things to get it to point back to its original host, but hopefully once propulgation resolves it will all be back to normal.


Read the whole post and glad to see godaddy helped solve the issue. Bit of a scarey thing to happen

I am happy for you. Looks like you'll have a merry Christmas after all this year. Next step; get a POP3-enabled admin e-mail address with no web interface!

Awesome name BTW! k:

 

[havlock]

It's good that you got your domain back.
However, you still don't know how it happened.
Meaning you may have same problem with your other domains at GD.
Share with us if you EVER find out how it happened.

That is correct, I still do not know HOW it happened.
But, as of now I have an dedicated account exec with GD (a live person with a real name and direct extension) and no changes can be made to my account without my express and direct interaction outside of email correspondance. So even if there is some sort of conspiracy happening via a trojan, hacker or some other wackiness, security is in place.

One of GD's execs responded to this thread to me and led me in the right direction, again, much appreciation to GD and their team!

I am indeed still investigating some things on my end and so far I cannot answer the question of HOW this happened to begin with. Should I find out I will bring the info here. Otherwise, I get the feeling somehow that I may never get to know as I dont have the brains of a hacker, so I need to rely more on protecting myself in ways that will work against such.

I did not realize GD provided such services, but am really glad to know they do and make myself a part of it. So far, so good. I was never really a GD cheerleader per se', but I have to admit, they have been completely on the ball here. Completly professional with every person I have talked to on the phone, rapid with their correspondance and rapid with results and management.

I know several of you here have said to move elsewhere and I am sure you must be happy in those places. But I see, nor have experienced, any reason to move, in fact over the course its been quite the opposite, I'd highly recommend them. Anyway, that's my Godaddy cheer for now.

Thanks again to everyone who helped resolve this quickly and to those that have shown support and concern.

I am happy for you. Looks like you'll have a merry Christmas after all this year. Next step; get a POP3-enabled admin e-mail address with no web interface!

Awesome name BTW! k:

Thanks pcproffenno! But cant you still login to a pop3 mailbox via a web interface?

Even if you have an email @yourdomain.com and you use outlook to get it, does it not sit in that mailbox and accessible if a hacker uses a web interface to get to it?

 

[Stian]

That is correct, I still do not know HOW it happened.
But, as of now I have an dedicated account exec with GD (a live person with a real name and direct extension) and no changes can be made to my account without my express and direct interaction outside of email correspondance. So even if there is some sort of conspiracy happening via a trojan, hacker or some other wackiness, security is in place.

One of GD's execs responded to this thread to me and led me in the right direction, again, much appreciation to GD and their team!

I am indeed still investigating some things on my end and so far I cannot answer the question of HOW this happened to begin with. Should I find out I will bring the info here. Otherwise, I get the feeling somehow that I may never get to know as I dont have the brains of a hacker, so I need to rely more on protecting myself in ways that will work against such.

I did not realize GD provided such services, but am really glad to know they do and make myself a part of it. So far, so good. I was never really a GD cheerleader per se', but I have to admit, they have been completely on the ball here. Completly professional with every person I have talked to on the phone, rapid with their correspondance and rapid with results and management.

I know several of you here have said to move elsewhere and I am sure you must be happy in those places. But I see, nor have experienced, any reason to move, in fact over the course its been quite the opposite, I'd highly recommend them. Anyway, that's my Godaddy cheer for now.

Thanks again to everyone who helped resolve this quickly and to those that have shown support and concern.




Thanks pcproffenno! But cant you still login to a pop3 mailbox via a web interface?

Even if you have an email @yourdomain.com and you use outlook to get it, does it not sit in that mailbox and accessible if a hacker uses a web interface to get to it?

Most registrar/hosting control panels allow you to disable the web interface, so that the only way of receiving your e-mail is to use a mail client. That at least should make it a lot harder for the hackers.

 

[-master-]

lol friend you can sign in inbox.com for a free and secure mail box,if you read the post i made for you in my topic youll understand how you owned..
by the way i'm very happy cause you could get back your Domains..

good luck

 

[havlock]

Most registrar/hosting control panels allow you to disable the web interface, so that the only way of receiving your e-mail is to use a mail client. That at least should make it a lot harder for the hackers.

I was not aware of that fact, thank you, I will definately have to check that out.

 

[raoul]

Even if you have an email @yourdomain.com and you use outlook to get it, does it not sit in that mailbox and accessible if a hacker uses a web interface to get to it?

Not if you set it up correct. Still I think you should be carefull with that option also. If I can access your pc, I can access your email.

****

The problem lies deeper and will not be solved by current "security-solutions" the registars offer.

 

[havlock]

lol friend you can sign in inbox.com for a free and secure mail box,if you read the post i made for you in my topic youll understand how you owned..
by the way i'm very happy cause you could get back your Domains..

good luck

Master, I read your other thread but I still did not understand what you were saying. How would inbox.com be anymore secure than yahoo.com or gmail.com?

And how does that relate to a hacker getting into a Godaddy account and stealing a domain name?

Your english seems a little broken in the way you write, so I think I am just having trouble interpreting what you are trying to get across.

Not if you set it up correct. Still I think you should be carefull with that option also. If I can access your pc, I can access your email.

****

The problem lies deeper and will not be solved by current "security-solutions" the registars offer.

Where do you see the problem Raoul?

 

[Sonny Banks]

Ok, its 11:50 and I just emailed GD and already heard back from them. REX.COM is now back in my new GD account, Thank God! (and Horray for Godaddy!!) I had to change my nameservers and a couple of other things to get it to point back to its original host, but hopefully once propulgation resolves it will all be back to normal.


Read the whole post and glad to see godaddy helped solve the issue. Bit of a scarey thing to happen

I am happy for you!
Merry Christmas

 

[havlock]

I am happy for you!
Merry Christmas

Thanks Carter! and Merry Christmas and a Happy New Year to you to Bro!

May all you Domainers have a productive and prosperous time in 2009!

 

[Stian]

Seriously, get Moniker.com's MaxLock on your valuable domains, or any other registrar that requires to call you and talk to you before a domain is pushed or transferred out of your account.

 

[havlock]

Seriously, get Moniker.com's MaxLock on your valuable domains, or any other registrar that requires to call you and talk to you before a domain is pushed or transferred out of your account.

That is exactly one of the things I just did with Godaddy. I was not aware they had such facility, but I am extremely happy they do.

I told them I wanted them to do a dna match before allowing a transfer, but unfortunately they do not provide such a service as of yet.

 

[Stian]

That is exactly one of the things I just did with Godaddy. I was not aware they had such facility, but I am extremely happy they do.

I told them I wanted them to do a dna match before allowing a transfer, but unfortunately they do not provide such a service as of yet.

I would be pretty shook up myself, if what just happened to you would happen to me.. :uhoh:

 

[Focus]

My idea for a solution to all of this is a fingerprint scanner like those found on many high end laptops (like IBM thinkpads) that require you to scan your fingerprint in to access a domain or move it, etc...then you just have to worry about someone chopping off your finger or making a cast of it with your print on it, lol...

And ohh yeah...JOHN BERRYHILL was the hero with Married.com (I might have not mentioned this in my last post) but luckily it was with Godaddy and they undid it..with his guidance. k: I suggest anyone who ever has a problem with a stolen domain name to retain his services for a surefire solution and recovery.

Glad you got it worked out dude.....take care of that name!

 

[havlock]

My idea for a solution to all of this is a fingerprint scanner like those found on many high end laptops (like IBM thinkpads) that require you to scan your fingerprint in to access a domain or move it, etc...then you just have to worry about someone chopping off your finger or making a cast of it with your print on it, lol...

And ohh yeah...JOHN BERRYHILL was the hero with Married.com (I might have not mentioned this in my last post) but luckily it was with Godaddy and they undid it..with his guidance. k: I suggest anyone who ever has a problem with a stolen domain name to retain his services for a surefire solution and recovery.

Glad you got it worked out dude.....take care of that name!

I like the fingerprint scanner idea, alot.

I am really surprised most of all I guess by the fact that there is no tracking information for transfer of domains held within an account. Seems to me like from the registrar end it would be a great idea to track everything in a domain transfer history, including ip numbers. I feel like I should have been able to see history of this transfer in my account control panel. I should have been able to see everything about who I transferred the domain to, including name, address, phone, ip, etc. Am I wrong?


Like I said about John Berryhill, I dont know him personally, only by his posts and reference here, but kudos to him for being available and positioned here. When my mind first said the words 'domain lawyer' his name was the first that came to mind, simply by my membership and experience here. That is foundation for being an industry leader in my book.

 

[Focus]

Yeah it would be pretty simple I think to integrate a universal fingerprint scaner technology that I'm sure already exists into registrar control panels in place or in addition to your password for access..of course it would have to be transmitted in a secure fashion and that in itself can pose a risk I would assume but hey where there is a will there is a way. eace:

*SCANNER* grrrrrrrrrrr can't edit in the legal section...now my post isn't as cool lol

 

[Stian]

What about a number generator/keycard? You know, the one which looks like a calculator, that you need to access your online banking? That would've been damn secure, as you simply couldn't access your registrar account without having that particular physical object.

 

[Theo]

There are methods more secure than fingerprints: retina identification, voice pattern and of course DNA matching.

 

[havlock]

I think those are great ideas. As the value of domains names have risen over the years, I think serious thought needs to go into greater security for situations of this sort. Those ideas are interesting because it still keeps the security and control in the hands of the owners.

 

[Focus]

I think for mass application and ease of integration using existing technology that is readily available at a low cost - fingerprints would be the way to go...