Domain Theft
Ranked #60,008 in Tech & Geek, #1,082,365 overall | Donates to Cancer Research and Prevention Foundation
Internet domain theft is on the rise and it can happen to you
Godaddy's poor security and lack of simple verfication let my domain go
Godaddy aids and abets the theft of valuable domains
There's no shortage of scams on the internet. We have all heard about Nigerian 419 fee in advance scams, phony lotteries, identity theft, phishing, and now pulling up from the rear, domain hijacking aided by weak counterintuitive security measures by registrars like Godaddy.
Like any other crime, unless it directly affects you, a colleague, or a loved one, theft only happens to the other guy. In modern society we have acclimated to taking precautions to protect our loved ones, our homes, and our possessions, spending billions on security and insurance. We're all taught early in life to lock the doors and windows and not to open the door to strangers.
After all this indoctrination and preparation for the imperfect world we share, one would assume that these simple yet effective common sense principles would also apply to the world of protecting valuable assets like internet domains at Godaddy.com the world's largest domain registrar.
In case you are not familiar with Godaddy they are the company that airs the boorish and unoriginal Superbowl commercials targeting puberty bound adolescent males with a busty semi-attractive brunette bimbo that only a certain recent ex-president could desire.
Godaddy generates its share of negative press regarding the mishandling, kiting and questionable acquisitions of other's domains but I have an experience to share that should make anyone with a website or a domain in the waiting to take notice and seriously consider if they should trust Godaddy with their property.
It's no secret that Godaddy's domain and site hosting services are less than stellar. Their site is a spam dominated kludge of half finished partially functional user modules that even their own support staff can't navigate or recommend using. There is so much emphasis on up selling and hyping gimmicky add-ons you feel like you are speeding down the Las Vegas strip on acid.
Aside from the cheesy half-baked Godaddy user interface there is a much larger problem at Godaddy that should scare the hell out of anyone with domains in their care. My company currently has nearly 500 domains with Godaddy and aside from the inferior user interface and hit and miss customer support we were at least happy with the pricing.
On November 5th I received the following email from Godaddy indicating that I cancelled a domain.
- - - - - - - - - - - - - - - - - - - - - - - - - -
Dear jack durban,
This message is to confirm that you have initiated
a change of registrant for the following domain name(s):
3PD.BIZ
The email address for the new registrant of the domain
is foryouis311@yahoo.com.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If for any reason this information is incorrect or you feel
this change of registrant request was made in error, you may
cancel this change of registrant.
You may be asked to log in to cancel this change of registrant.
To safely log in:
1. Go to the GoDaddy.com home page and select "My Account."
2. Enter your log in name (or customer number) and password,
then click "Secure Login."
You will then be taken to the Account Manager, where you may
manage your products and services.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you have forgotten your password, select the "retrieve
my password" link on the log in page.
If you need additional assistance, please contact us
within 15 days at support@godaddy.com.
Sincerely,
GoDaddy.com
- - - - - - - - - - - - - - - - - - - - - - - - - -
Within seconds another email arrived again from Godaddy stating that our domain was transferred!
This email is to confirm the recent change of registrant of the following domain name(s):
3PD.BIZ
The change of registrant has been completed by the new registrant and the information has been recorded in our system.
If for any reason this information is incorrect or you feel this change of registrant request was made in error, please contact us within 15 days at mailto:undo@godaddy.com.
Sincerely,
GoDaddy.com
- - - - - - - - - - - - - - - - - - - - - - - - - -
This all occurred without any involvement on our part. Apparently someone was able to break into our account and grab on our most valuable domain names without any problem.
Godaddy, without any common sense security measures or firewall-like protection just gave the domain away as if it was business as usual. No checks, no balances , no confirmations, just a non-secure open door into our cyber vault!
I discovered a line on the transfer email stating "If for any reason this information is incorrect or you feel this change of registrant request was made in error, please contact us within 15 days at mailto:undo@godaddy.com.
A sigh of relief came over me and I quickly contacted the email link provided. I was on my way to getting our stolen domain back! Let's hear it for Godaddy and a little common sense! Here's what I received from the sharp minds at Godaddy's "Undo" department%u2026
Dear Jack Durban,
Your emails have been received and forwarded to us for review. After investigating the domain name 3PD.BIZ we have determined that the changes were made by an authorized party (a party that had access to the customer account). As such, we cannot assist you with the changes made to the domains.
Any disputes over the ownership or wording of the domain name itself will need to be sent either to the registrant, through an arbitration forum such as World Intellectual Property Organization (http://www.wipo.int), or the local court system. Per ICANN regulations, domain registrars are prohibited from becoming involved in domain ownership disputes. Should you decide to proceed and initiate a legal dispute against the registrant of the domain, please send a copy of the filed and stamped complaint to domaindisputes@godaddy.com.
Kind Regards,
Undo Department
GoDaddy.com, Inc.
188499
- - - - - - - - - - - - - - - - - - - - - - - - - -
Oh but wait there's still hope. I can contact the Godaddy "Change" department and change the transfer! Hope restored and surely they will fix this right!?
Here's what I received from the sharp minds at Godaddy's "Change" department%u2026
Our support staff has responded to your request, details of which are described below:
Discussion Notes
Support Staff Response
Dear Jack Durban,
Thank you for contacting Online Support. To clear up any confusion you may have, this domain name went through a change of account and not a domain transfer. Because the change of account was initiated from within your account, and accepted by another party, the domain name can not be transferred to another registrar for 60 days. Per the UDRP, registrars are prohibited from making changes to a domain name without direction from a court or arbitration forum. If you are unable to come to a satisfactory agreement with the current registrant, you may wish to go through a court or arbitration forum (such as WIPO, The World Intellectual Property Organization, domain.disputes@wipo.int).
When we receive notice of a pending legal dispute we will lock the domain name so that it cannot be transferred or otherwise modified.
Likewise, when we receive a decision, we will update the domain name accordingly.
Please let us know if we can assist you in any other way.
Best Regards,
Lindsay C.
Online Support Representative
- - - - - - - - - - - - - - - - - - - - - - - - - -
OK folks here's what you have to look forward to when and not if you become a Godaddy domain theft victim. To recover our stolen domain that was stolen as a result of Godaddy's failure to provide even the most basic common sense checks and balances protocols to intercept fraudulent cancelations and transfers we will have to go to the WIPO! We will have to hire a legal firm that specializes in WIPO/ICANN law and pay $1,500.00 to ICANN to impanel a few impartial arbitrators to render an opinion!
Doing business with the company more interested in their next Superbowl model than basic security for their client's assets, will cost us upwards of $10,000.00 including legal fees to recover a nine dollar domain!
This coming Superbowl I will be watching out for the next Godaddy bouncing bimbo wondering if the guy that stole our domain is watching too, thanking Bob Parsons for making him and all the other lowlifes that so easily hacked Godaddy accounts so much easy money.
Bob, when you grow up and get past your adolescent obsessions please consider a little security for us poor slobs that trusted you and your incompetents to keep our domains safe.
There's no shortage of scams on the internet. We have all heard about Nigerian 419 fee in advance scams, phony lotteries, identity theft, phishing, and now pulling up from the rear, domain hijacking aided by weak counterintuitive security measures by registrars like Godaddy.
Like any other crime, unless it directly affects you, a colleague, or a loved one, theft only happens to the other guy. In modern society we have acclimated to taking precautions to protect our loved ones, our homes, and our possessions, spending billions on security and insurance. We're all taught early in life to lock the doors and windows and not to open the door to strangers.
After all this indoctrination and preparation for the imperfect world we share, one would assume that these simple yet effective common sense principles would also apply to the world of protecting valuable assets like internet domains at Godaddy.com the world's largest domain registrar.
In case you are not familiar with Godaddy they are the company that airs the boorish and unoriginal Superbowl commercials targeting puberty bound adolescent males with a busty semi-attractive brunette bimbo that only a certain recent ex-president could desire.
Godaddy generates its share of negative press regarding the mishandling, kiting and questionable acquisitions of other's domains but I have an experience to share that should make anyone with a website or a domain in the waiting to take notice and seriously consider if they should trust Godaddy with their property.
It's no secret that Godaddy's domain and site hosting services are less than stellar. Their site is a spam dominated kludge of half finished partially functional user modules that even their own support staff can't navigate or recommend using. There is so much emphasis on up selling and hyping gimmicky add-ons you feel like you are speeding down the Las Vegas strip on acid.
Aside from the cheesy half-baked Godaddy user interface there is a much larger problem at Godaddy that should scare the hell out of anyone with domains in their care. My company currently has nearly 500 domains with Godaddy and aside from the inferior user interface and hit and miss customer support we were at least happy with the pricing.
On November 5th I received the following email from Godaddy indicating that I cancelled a domain.
- - - - - - - - - - - - - - - - - - - - - - - - - -
Dear jack durban,
This message is to confirm that you have initiated
a change of registrant for the following domain name(s):
3PD.BIZ
The email address for the new registrant of the domain
is foryouis311@yahoo.com.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If for any reason this information is incorrect or you feel
this change of registrant request was made in error, you may
cancel this change of registrant.
You may be asked to log in to cancel this change of registrant.
To safely log in:
1. Go to the GoDaddy.com home page and select "My Account."
2. Enter your log in name (or customer number) and password,
then click "Secure Login."
You will then be taken to the Account Manager, where you may
manage your products and services.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you have forgotten your password, select the "retrieve
my password" link on the log in page.
If you need additional assistance, please contact us
within 15 days at support@godaddy.com.
Sincerely,
GoDaddy.com
- - - - - - - - - - - - - - - - - - - - - - - - - -
Within seconds another email arrived again from Godaddy stating that our domain was transferred!
This email is to confirm the recent change of registrant of the following domain name(s):
3PD.BIZ
The change of registrant has been completed by the new registrant and the information has been recorded in our system.
If for any reason this information is incorrect or you feel this change of registrant request was made in error, please contact us within 15 days at mailto:undo@godaddy.com.
Sincerely,
GoDaddy.com
- - - - - - - - - - - - - - - - - - - - - - - - - -
This all occurred without any involvement on our part. Apparently someone was able to break into our account and grab on our most valuable domain names without any problem.
Godaddy, without any common sense security measures or firewall-like protection just gave the domain away as if it was business as usual. No checks, no balances , no confirmations, just a non-secure open door into our cyber vault!
I discovered a line on the transfer email stating "If for any reason this information is incorrect or you feel this change of registrant request was made in error, please contact us within 15 days at mailto:undo@godaddy.com.
A sigh of relief came over me and I quickly contacted the email link provided. I was on my way to getting our stolen domain back! Let's hear it for Godaddy and a little common sense! Here's what I received from the sharp minds at Godaddy's "Undo" department%u2026
Dear Jack Durban,
Your emails have been received and forwarded to us for review. After investigating the domain name 3PD.BIZ we have determined that the changes were made by an authorized party (a party that had access to the customer account). As such, we cannot assist you with the changes made to the domains.
Any disputes over the ownership or wording of the domain name itself will need to be sent either to the registrant, through an arbitration forum such as World Intellectual Property Organization (http://www.wipo.int), or the local court system. Per ICANN regulations, domain registrars are prohibited from becoming involved in domain ownership disputes. Should you decide to proceed and initiate a legal dispute against the registrant of the domain, please send a copy of the filed and stamped complaint to domaindisputes@godaddy.com.
Kind Regards,
Undo Department
GoDaddy.com, Inc.
188499
- - - - - - - - - - - - - - - - - - - - - - - - - -
Oh but wait there's still hope. I can contact the Godaddy "Change" department and change the transfer! Hope restored and surely they will fix this right!?
Here's what I received from the sharp minds at Godaddy's "Change" department%u2026
Our support staff has responded to your request, details of which are described below:
Discussion Notes
Support Staff Response
Dear Jack Durban,
Thank you for contacting Online Support. To clear up any confusion you may have, this domain name went through a change of account and not a domain transfer. Because the change of account was initiated from within your account, and accepted by another party, the domain name can not be transferred to another registrar for 60 days. Per the UDRP, registrars are prohibited from making changes to a domain name without direction from a court or arbitration forum. If you are unable to come to a satisfactory agreement with the current registrant, you may wish to go through a court or arbitration forum (such as WIPO, The World Intellectual Property Organization, domain.disputes@wipo.int).
When we receive notice of a pending legal dispute we will lock the domain name so that it cannot be transferred or otherwise modified.
Likewise, when we receive a decision, we will update the domain name accordingly.
Please let us know if we can assist you in any other way.
Best Regards,
Lindsay C.
Online Support Representative
- - - - - - - - - - - - - - - - - - - - - - - - - -
OK folks here's what you have to look forward to when and not if you become a Godaddy domain theft victim. To recover our stolen domain that was stolen as a result of Godaddy's failure to provide even the most basic common sense checks and balances protocols to intercept fraudulent cancelations and transfers we will have to go to the WIPO! We will have to hire a legal firm that specializes in WIPO/ICANN law and pay $1,500.00 to ICANN to impanel a few impartial arbitrators to render an opinion!
Doing business with the company more interested in their next Superbowl model than basic security for their client's assets, will cost us upwards of $10,000.00 including legal fees to recover a nine dollar domain!
This coming Superbowl I will be watching out for the next Godaddy bouncing bimbo wondering if the guy that stole our domain is watching too, thanking Bob Parsons for making him and all the other lowlifes that so easily hacked Godaddy accounts so much easy money.
Bob, when you grow up and get past your adolescent obsessions please consider a little security for us poor slobs that trusted you and your incompetents to keep our domains safe.
New Guestbook
Like this lens? Want to share your feedback, or just give a thumbs up? Be the first to submit a blurb!
by Product_Developer
Hello!
My name is Jack Durban. I am a product developer and inventor. I have several inventions on the market going back to the early 80's and over 20...
(more)
