Annoyed at NSI

[draqon]

am i the only one who is pissed off at NSI because they are allowing those stolen domains to be restolen? I mean, how stupid is that? Its reached a new low.

Take Mary.com for example. The thief stole it from NSI, transferred it to Dotregistrar. Then NSI, i assume, transferred it bck to NSI. But now, it reflects completely fake whois info again.

*sigh*

[GeorgeK]

How is it that Dotregistrar is the place stolen domains are ending up at? Is there a weakness in their authentication for contacting the current owner?

Fortunately, ALL my domains are under domain lock.

[draqon]

im not sure why the thief chose DotRegistrar, but i dont think it has anything to do with the way they contact the old owner during a registrar transfer. Each of the stolen domains, at least the ones i know about, had an invalid admin email so *none* of the registrars would have been able to contact the owner by email.

[GeorgeK]

The transfer should fail, though, if the gaining registrar can't contact the registrant via the admin email at the losing registrar, though.

[draqon]

yes and no.

to steal a domain with an invalid email, they first fraudulently get NSI to change the email to a valid one at yahoo or another anonymous free place. So when the receiving registrar contacts the current admin, it works just fine, cuz its the thief's email they are contacting.

[RacerX]

are right on dragon.

This thief is still in full control of these stolen names. His move to NSI was just a ruse, pure and simple. Witness lust.com and url.com, (and many others). He is definitely trying to figure out how to 'cover his tracks'. Further, the use of the misspelled 'novaildemail' @verisign.com indicates he has a partner in crime inside NSI itself. He is obviously using this verisign email address (Verisign does not issue free email service to the best of my knowledge) and then transferring them to more bogus email accounts and bogus registrant information. RacerX is aware of several individuals who have been in contact with NSI over this matter, but so far NSI is doing NOTHING to stop it. The game is not over though, and I am confident justice will ultimately prevail...

On another note, RacerX, as many others here I am sure have noticed on your snapback reservations, NSI is nefariously changing some registrant records to 'null' or 'no valid city no valid state' in the registrant address record, and then coupling this activity with paying up the domain name. This is an obvious trick. RacerX recommends DO NOT REMOVE YOUR SNAPBACK because if you do, the unsavory entity (or the very same thief that has stolen names) then places a snapback on the name. Check the names you have lifted snapbacks on if you thought the name was paid up and if there was a 'null' placement in the registrant address change. You might be surprised as what these scoundrels out there are doing...