Domain Hijacker On The Prowl

[Stian]

What an interesting turn this story took, when the hijacker decided to return the domains to the original owner. Surprising ending and a great read.

It's good to hear you've got your domains back and I hope it didn't make you lose too much revenue.

 

[tekz999]

I think you should just give us your insights on how to prevent domains from being hijacked without cost. Many members in here gave you their comments for free, in good faith of helping you. So instead of charging for this ebook, I think all dnf members deserve a free read.

You had "helped" the hacker, so why not help us and share your tips.

 

[jaydub]

^^^^^

 

[Dave Zan]

So - The domain hijacker gets an email plead from me, that tells him who I am and what I do and hw I make a living, I told him what he did is affecting my family and life. I told him if he is smart enough to hack, or social engineer to steal domains then he could find legitimate ways to make money. I told him I could give him som ideas and jobs to do that could get him out of this domain hijacking busineess.

I figured what the hell... If he needs help I will help him to get my names back and I would also be taking a domain hijacker out of the business and putting him in to something legit.

SO he released the accounts to me that contained my domains.. I am not leaving godaddy to go to another BETTER and HELPFUL reg.

Hmm, if this is the same Iranian hijacker, it sounds like you hit an emotional
button there.

 

[Toker]

I checked my LogIn logs at Regfly and found 5 different people
had logged in to my account.
When I get the time I'll check my files and post the domains and IPs
they used..
Every Registrar should let you have access to the logs showing
the times and IPs of anyone who logged into your account..

 

[Jimpapa]

Nice story ! op2:

 

[Brett Lewis]

Great ending!!

Some registrars take a very hands off approach in these situations.

Once domain names are stolen, they are arguably no longer subject to the registration agreements and limitation of liability provisions on which the registrars rely. The registrars owe a duty of care to their customers not to allow their valuable assets to be stolen. They cannot be willfully blind to a theft.

Go Daddy also has a policy that they will only investigate hijacking complaints received within 10 days of an alleged hijacking, but not after. If you have domains with Go Daddy, you need to monitor them regularly. You really need to monitor your domains no matter where they are hosted.
I have a client in the unfortunate situation of having only discovered the theft of a six figure domain fifty five days after it was stolen. The hijacker left the DNS alone, so the client continued to receive PPC revenue. By the time he found out about the theft, it was past the 10-day window, although the domain was still in the hijacker's alias. Still hoping for a happy ending.

UPDATE:
Go Daddy restored the domain name. Many thanks to Go Daddy for doing the right thing.

 

[ed00000]

Well,

I am the client that Brett mentioned in an earlier post. Happy to say, I got the domain back today.

My domain was hijacked on 10/15, but I only found out about the hijacking on 12/6.

Why did it take me so long?

First of all, the hijacker did not change the DNS names and I continued earning PPC income. Second, I never received the cancellation email from GoDaddy (more about the cancelation email a little later).

What's interesting is that my domain was hijacked on 10/15. Another poster (Giode, if I am not mistaken) was able to prevent the hijacking on 10/14 or 10/15, also at GoDaddy. Could it be the work of the same thief?

My case is similar to other hijackings, but with a twist. The cancellation email arrived on 12/7, one day after I found out about the hijacking. I don't have a clue why it took so long.

What did I learn from this experience?

1. All registrations should be "private".
2. From now on, I will check my account at least 3 times per week.
3. Make all passwords a RANDOM combination of number and letters, and make them as long as possible.
4. Change all "sensitive" passwords once a month.
5. When asked if I want to save a password for some site on my computer, always say "NO".
6. To protect myself even further, I am seriously considering applying for a trademark (I am only getting between 900 and 1200 unique visitors per month but I believe the true value of this 1 word domain is that it can be branded to a lot of different "themes")

In the end, GoDaddy did the right thing and I will leave my domains with them (after upgrading my better domains to "Protected Registration").

Oh, forgot to mention...

Not sure if I would be in possession of my domain without Brett's help

 

[Devil Dog]

Well,

I am the client that Brett mentioned in an earlier post. Happy to say, I got the domain back today......

Glad to hear. Bet'cha you'll be sticking around here alot longer as there are many helpful people that can help get you out of jams like such.

 

[friendships]

guys im the hijacker!
my real name is jootia maldones and my paypal is [email protected]
and after i gave the account back to williams he didnt answer or send anything to me

 

[Johnn]

guys im the hijacker!
my real name is jootia maldones and my paypal is [email protected]
and after i gave the account back to williams he didnt answer or send anything to me

Welcome aboard.

 

[Johnn]

You hijacked someone account from another forum on 4/11/08 also.

How can we help you?

 

[BuyandSwap]

Did anyone esle get this message off friendships ?

hi my friend how are you
you didnt answer me
im noobcash/rachidis
how are you man .
ok can u send 200$ that u said before to this paypal
[email protected] plz :d

 

[Theo]

Kids these days, they smoke all sorts of grass.

 

[friendships]

Did anyone esle get this message off friendships ?

lol
sry i tought that u r siteoffers.xom
ok guys lets forget that
im young , i was treing to get some cash to invest

 

[Seraphim]

Welcome aboard.

ound:

 

[Credit]

Ok...wtf....dude...this isn't a video game where you can just steal somebody's golden sword and then want to be friends with their whole clan?

 

[Johnn]

lol
sry i tought that u r siteoffers.xom
ok guys lets forget that
im young , i was treing to get some cash to invest

How old are you and how much do you need?

Do you live in Marocco?

 

[Focus]

Also, would you like to know what it's like to have your head split open on the curb?

 

[MainstreamDomains]

soooooo did i just read 4 pages - just to find out it was all to sell an ebook, or am I wrong? Eitherway not a good ending for me; cuz now either I gotta be worried bout my domains - or realize I just got punked to get an ebook. This better be the greatest ebook ever written - cuz I dont read books unless they got they start with a "dr." and end with a "seuss" - plz add lots of pictures!!!