How to steal a domain name in easy stages

[RJ]

VeriSign seems to have learned nothing.

It was every webmaster’s worst nightmare - waking up one day to find that your site had disappeared and someone else owned it. Then the phonecall in which you were told that it was nothing to do with the registrar and you had to try to sort it out yourself.


All that was supposed to be in the past though. Recognising that losing customers’ domains was not good for business, extra security measures were drafted in. We were guaranteed that from now on it would take more than a spoofed email and follow-up phonecall to shift ownership.


However, it appears that it is still possible to steal domains with the minimum of effort. We have been contacted by the owner of the valuable domain DVDmovies.com who was amazed, only last month, to find that his domain had been moved and registered with another company, without his knowledge.


That the registrar at fault was no less than VeriSign - owner of all .com and .net domains - makes it worse. The fact that the company was also recently chastised by the US Appeals Court and ordered to pay millions of dollars in compensation to the owner of Sex.com for wrongly transferring his domain makes it all the more incredible.


Nevertheless, the owner of DVDmovies.com, Arnold Jones, saw his ownership pulled away with no more than a clearly forged fax of a Florida driving licence. Mr Jones managed to get a copy of the fax in which his name and address had been transposed onto a different state’s licence and he immediately noticed no fewer than six clear discrepancies.

Full article at
http://www.techworld.com/news/index.cfm?fuseaction=displaynews&newsid=672

 

[Elefekt]

eek. scary. i sure hope it dont happen to me.

 

[redhippo]

ditto..wow. whats the world coming to!!

 

[Chris Matthers]

It only happens to big domains i think .....

 

[Darren]

I've read a few stories about domain stealing. Sure as hell ain't nice.

 

[Chris Matthers]

Indeed , but its not happened that much yet but you never know 2004

i hope it stays safe

 

[Delete]

did the owner get his domain back?

 

[Elefekt]

i dont think he did.

 

[TJ]

Can that happen for domains registered through enom?

 

[Elefekt]

I think it can happen to anyone eventually. This was a bad case of bad security but dont think you are safe.

 

[fattee77]

He did get it back

 

[DrWho]

Originally posted by fattee77
He did get it back

""VeriSign seems to have learnt one lesson though. After Jones complained, provided evidence of who he was and worked through VeriSign’s convoluted investigation process, VeriSign managed to get the domain back and it is now back in Jones's possession.

While the return of Jones’ property is a step forward (previously customers were told the company would do nothing without a lawsuit) the situation will still come as a shock to many companies who assume decent security processes are in place.""

http://www.techworld.com/news/index.cfm?fuseaction=displaynews&newsid=672

 

[Dave_Z]

This is a case where you did no wrong yet everything went wrong.

I actually know someone who works there and she told me how frustrating it is over there on that aspect. She confirmed that someone sent a fax w/ a fake ID requesting access & was subsequently granted.

She said she sometimes feels guilty (although she wasn't the one who worked on the case) because there are people there trying to strike a balance between accomodating people's requests at the soonest possible time yet ensure it's legit & secure.

She says they actually callback but only if the fax is missing an item or so; that they process it once they see its requirements are complete.

Lately, though, she told me they're trying to be more vigilant; that it's sometimes hard to tell a fake ID from a real one, especially if faxed...

I told my friend to just hang in there. :p

 

[dawg]

Scary to say the least! My question is, how do you prove you owned the domain before it was stolen? Thats what worries me

 

[Dave_Z]

Originally posted by dawg
Scary to say the least! My question is, how do you prove you owned the domain before it was stolen? Thats what worries me

Just keep a printed record of your registering the domain name & paid transaction. Then keep a WHOIS record printed copy.

If you own a .INFO, .BIZ., or .US domain, copy the WHOIS record from their respective registries because they're authoritative.

Last but not least, make sure you're the registrant (the listed owner of the domain name) and you actually paid for it using your credit card!