Warning: Check forwarding when receiving names.

[domain22]

I have never posted publicly but everyone should know what has happened with my account and eNom. I own over 1600 domains with eNom.

Yesterday I was switching the URL forwarding on many domains and found that apparently somebody had access to my account and a number of my domains were being forwarded to a DomainSponsor.com landing page. The affiliate ID was 1637. I did not do this. And when I approached eNom they said that they themselves do not use DomainSponsor, and didn't know how it happened.

All they could say was "change your password"... change your password? That's it. While the monetary damage of this forwarding was minimal if anything, the fact that my account was comprimised is indeed alarming. eNom is a very large and respected registrar, but apprently their security is not sufficient.

All domain name owners should approach their registrars and ensure that we collectively have the proper security that we deserve. Part of me thinks it might be an inside job by someone working at eNom, as it is hard to believe that someone would be able to hack into my account and switch the URL forwarding. Regardless, this is extremely serious in my opinion.

I also informed DomainSponsor that they should review affiliate #1637 and check to see that this affiliate actually owns the domain names in which he/she is collecting revenues from. I also find it hard to believe that my case is isolated.

Thank you all for your time...

Richard P, CPA

 

[chatcher]

Yesterday I was switching the URL forwarding on many domains and found that apparently somebody had access to my account and a number of my domains were being forwarded to a DomainSponsor.com landing page.

I'm not sure from your post whether these are domain names you registered in your eNom account, or purchased and were pushed to you. If your account is a reseller or retail account under another ETP or reseller account, and you haven't specifically set default DNS settings for your own account, when you register a name the DNS settings may default to those of the account above yours. I am an ETP and I have noticed domains registered in subaccounts under mine pointing to my parking page. I think this can be avoided by entering new default information in your own account.

Another possibility is that the forwarding was configured by a previous owner of the domains. I have noticed that eNom DNS "remembers" previous DNS information, such as when you switch to eNom name servers from other name servers. Several times I have bought names which apparently must have used eNom DNS in the past, and when I switched back to eNom DNS I got the previous owner's settings instead of my own default settings. This may not be what happened in your case, but I thought I would mention it.

 

[Mr Webname]

Another possibility is that the forwarding was configured by a previous owner of the domains

Yes when a domain is transferred into Enom it will arrive with the previous owners settings - if it was configured to a landing page it will still unless you edit it after the transfer/push.