My domain has been stolen, my account has bben breached!

[erikbrodch]

Hi,
My account at goddady has been breached. The password has been chaneged and also the email. one of my domains was stolen. Now, I changed back the setting and they are trying to get the domain back. What can I do in order to prevent it from happaning again?
Anyway, beware and take a look if your domain are out there.

[draggar]

Your registrar account is only as secure as your email.

GoDaddy has a nice feature - you can change the WhoIs contact email when you register domains.

I have an email address that is from one of my domains. That is my account email address with GoDaddy. When I register domains, on the contact confirmation screen I enter my gmail address so that is the Whois contact email address.

Moniker lets you do this, too.

[erikbrodch]

Thanks,
So, and forgive my question, I take one of my domain's email, but if someone got in to my account, that means that he got my password somehow. Noone knows my password so how could he do it? It is strange, because when I talked to goddady 3 weeks a go one of the suuport represantatives told me that he is impraased by the domain (not that good). today I could not log to my account and the domain was stolen. I cold them and they fixed it but the domain already has been transferd. There was a strange thing. I was asked to send an email to them telling my story in ordr to get the domain back. The problem was that I could not send emails from both of my computers at home and from several email accounts. My girlfreind at her home could. She told me that someone might have blocked the IP. I don't know a lot but it seems strange.
What can I do now? Does goddady rep' knows my password? what is dtvs? Please try to help me.
Thanks

[Banned: theinvestor]

What's the name that is stolen?

[Aleksandar]

Whatever is the case, I think you should get familiar with this:

http://en.wikipedia.org/wiki/Phishing

[erikbrodch]

w6v.com

[draggar]

Thanks,
So, and forgive my question, I take one of my domain's email, but if someone got in to my account, that means that he got my password somehow. Noone knows my password so how could he do it? It is strange, because when I talked to goddady 3 weeks a go one of the suuport represantatives told me that he is impraased by the domain (not that good). today I could not log to my account and the domain was stolen. I cold them and they fixed it but the domain already has been transferd. There was a strange thing. I was asked to send an email to them telling my story in ordr to get the domain back. The problem was that I could not send emails from both of my computers at home and from several email accounts. My girlfreind at her home could. She told me that someone might have blocked the IP. I don't know a lot but it seems strange.
What can I do now? Does goddady rep' knows my password? what is dtvs? Please try to help me.
Thanks

What email service do you use for your registrar contact (meaning when you request a password reset, what email does it go to (don't post the emaiil, just the service)? Don't use a free service (gmail, hotmail, etc..). Like I said, I use one from a domain that I own (I don't even use that domain) and the account name is a little complicated, as well as the password.

Whatever is the case, I think you should get familiar with this:

http://en.wikipedia.org/wiki/Phishing

Yes, there's been some very good attempts at phishing for GoDaddy accounts recently, like the alleged ICANN update / contact confirmation one I got last week that took me to godbaddy.com (and others mentioned similar domains). GoDaddy will always tell you that you can go to their site (not click on a link), log in, and follow a set of prompts. If you're ever unsure, call their customer service.

BTW - this should go with any registrar.

[erikbrodch]

I use gmail.
I know it is a beginner question but I will ask:
1. If my account is hacked, won't they have the abilty to get in to my email? they can't changed the password to the email account?
2. Can I get to a domain email without loging to my goddady account?
3. Let's assume that he got my gmail. What can he do with it if the password isn't there?
Thanks a lot to anyone that helps, I sure appreciate it a lot!!!

[draggar]

The two most common ways of getting into someone else's account:

1) Phishing. They sent out a mass email to people that looks legit, telling them that they need to click on a link and log into their GoDaddy account. You click on the link and then enter your login and password. They now have your credentials.

The only way to prevent this is to question everything. Your best bet is if you get an email saying go to GoDaddy and log in - open up your browser and type in godaddy.com and log in or call their customer service. Do not click on any link in an email.

2) Hacking emails. Free email services are not hack proof. It's not easy but it's not impossible. They hack it and set up an invisible forwarder to send your emails to another account. Then, they go to your registrar and request a password reset.

Using an email based on one of your own domains adds another level of security. They'll need to get into your account to set up the forwarding (and by then it'll be pointless because they're already in). No simple hack and get the password.

Also, make sure your passwors are secure. Don't use common ones - loved ones, pets, hobbies, etc. Non native languages are good, non alphanumberic characters ($*&) are good, even non-traditional characters ( ñ, ÿ, ô, ¿) are good to have, too.

If you have to use one of the common ones, don't just have the word. If you like soccer and want to use that as your password, then make that secure. $0cc3r would be far more secure than just soccer.

[erikbrodch]

Thank you very much dragger.