Enom Sucks! Stay Away From Enom. (enom Reviews)

[Millering]

In the past 45 days. I have at least 20 friends got domains stolen from ENOM, which shouldn't be a coincidence. Some friends even have login question protected. We assume ENOM's database might be hacked.

We contacted enom at the first time. Enom always "investigated the case" then found "the domain was pushed to another account of enom, then transferred to godaddy. We see the transfer was legit. You need to file a lawsuit".

The ridiculous thing is that ENOM only cares the registrar transfer, but don't care of the domain push between 2 accounts under ENOM. The criminal seems to take advantage of this rule. All of the recent happened cases are that domains pushed to another account of enom, then transferred away.

There are domain stolen cases are godaddy too due to phishing emails mostly. But godaddy always try the best protect the owners and get the domains back. While ENOM does NOT care. ( What they do is just ask you to file a lawsuit.)

If you have domains under ENOM or enom's resellers, I strongly suggest you transfer the domain away asap.

 

[EM @MAJ.com]

Interesting statement. I would like to hear from other members if they have a similar experience.

 

[RON2]

I like eNom quite a bit. eNom has been one of my primary registrars for most of the past decade and I am also an ETP (technology partner) reseller with 1,799 sub-accounts under me (mostly domainers.) Not one has ever reported a domain hijacked from their account. However, a report like this definitely should warrant concern.

With that amount of accounts in such a short time, and all being friends of yours, and security questions in place, makes me think maybe they were all sub-accounts under the same reseller. I would seriously look into the integrity of the parent reseller. Resellers have the ability to make changes to registrant info and the domains for their sub-accounts, even with security questions enabled. A rouge reseller could create a lot of havoc for their customers who have sub-accounts under them.

Talk to your friends and see if there's a connection.

 

[Biggie]

1,799 sub-accounts

dats a lotta subbie's

Congrats!

 

[jeffhuang]

Hi Millering,

We had exactly same experience with you. I happened to see your post during searching for solutions on web.

We are an eNom ETP since at least 6 years ago. Some of our domains were stolen in this way (pushed to another eNom account and then transferred them to godaddy in the same day). After investigation, eNom replied me that those transfer were valid and suggested me to go to a legal counsel. I'm so disappointed to eNom. It might be possible for the thief to break my password somehow. But, I'd say that it almost impossible to know answers to my account validation questions, because those questions are used nowhere but eNom and nobody else knows the answers. And I'm extremely cautious to my machines used to log in eNom. I had to say that eNom probably no longer cares about resellers' interests. I'm feeling insecure right now, although we had modified login password. Some of our customers are considering to transfer domains from eNom to another registrar. So are we...

 

[katherine]

I had to say that eNom probably no longer cares about resellers' interests.

Domain registration is low-margin, volume business so that's why support sucks among registrars.
Besides, Enom probably expect their resellers to do the support work.

As Ron says:

I would seriously look into the integrity of the parent reseller. Resellers have the ability to make changes to registrant info and the domains for their sub-accounts, even with security questions enabled. A rouge reseller could create a lot of havoc for their customers who have sub-accounts under them.

This makes a lot of sense.

 

[EM @MAJ.com]

I'm also ETP since the early 2001, got some loyal subresellers for years (thank you folks).
Support is provided to all sub-resellers. I've been emailing/talking back and forth to Enom regarding reseller/subresellers to extend their support, sadly still no update.

Regarding stolen domains, we heard different horror stories of stolen domains from netsol, godaddy, moniker, and other registrar. Enom is not exempt. All of them suffer to a bad publicity of stolen domains. I just wish two-factor authentication is a standard process to all registrar to minimize this kind of risk.

I just hope you recover your domains quickly.

 

[stewie]

wow this is scary... thanks for heads up.

feeling like inside jobs are a major threat.

a company protecting a thief is good enough reason for me to stay away.

 

[Gerry]

Resellers have the ability to make changes to registrant info and the domains for their sub-accounts, even with security questions enabled. A rouge reseller could create a lot of havoc for their customers who have sub-accounts under them.

This is precisely what happened to me about 7 or 8 years ago. I purchased 4 LLN.com's and the seller "graciously" pushed them to an Enom account... that they created for me!

This immediately struck a nerve in me and I attempted to transfer the names out. I was never able to access the account or the domains. The reseller kept telling me I was doing something wrong. Only later did I find out about Enom's reseller tier program.

To make a long story short, the reseller told me that only I had access to the account, he could not give me the transfer codes, and I must be doing something wrong when I attempted to log in.

To this day, I do not buy names for sale from anyone who has their names at eNom. As much as that pains me some times, I refuse to let this happen again. Countless times when I contact the seller, when I ask for that name to be transferred upon purchase I want it transferred immediately. You would be surprised at the number of responses who tell me that they will only push to my eNom account and if I don't have one, they can create one for me.

Yes, I have missed out on some great names because of my total disdain for eNom. But I refuse to have domains stolen from me because of that tiered reselling scheme (scam) that they used to have. My purchase totaled about $300.00 bulk purchase back then but the resell and upside to a couple of them were huge.

 

[Gerry]

wow this is scary... thanks for heads up.

feeling like inside jobs are a major threat.

a company protecting a thief is good enough reason for me to stay away.

Reading this thread makes me think that eNom still has the tiered reseller program in place.

 

[Commerce]

Thanks for the heads up on a potential security issue. Hopefully, eNom will send out something soon to the client base if they have been compromised. Otherwise, make sure that you have very unique passwords for your various online life functions... though 20 people you know as being impacted does seem a little suspicious as regards eNom having been compromised.

 

[Theo]

It all starts with a phishing email taking you to a fake portal where you enter your info, or other means of tracking your computer's keystrokes (trojan).

 

[owndomain]

Sad to hear that. Then I do not know what is the safe registrar.


Could anyone recommend one?

 

[Jack Gordon]

This is ridiculous. None of this is an inherent enom issue. If you let your account get compromised, this can (and will) happen anywhere.

enom is a great place to do business, if you have the intelligence required to be in business for yourself.

Some of the reactionary attitudes in this thread are not surprising, but they are disappointing. Pushing at enom works well, transferring works well, and the support is very responsive every time I have needed them for anything. If you can't make an enom reseller account work for you in this business, I would question your competence.

 

[owndomain]

This is ridiculous. None of this is an inherent enom issue. If you let your account get compromised, this can (and will) happen anywhere.

enom is a great place to do business, if you have the intelligence required to be in business for yourself.

Some of the reactionary attitudes in this thread are not surprising, but they are disappointing. Pushing at enom works well, transferring works well, and the support is very responsive every time I have needed them for anything. If you can't make an enom reseller account work for you in this business, I would question your competence.

So my question is: Is there any good registrar who will help you even your account get compromised?

 

[angel69]

eNom is clearly not the top registrar it once was. Lots of nagative press about eNom's security the last few months, lots of domains being stolen from there. It can't all be bad luck or just some sad coincidence. Just like Moniker has fallen big time and now is not trusted by domainers. And I never believed Go Daddy's being the "victim registrar" for so many domain thefts was just due to "they're the largest, therefore the most domains get stolen from them" While there's some truth in that, GD did not use to be a very secure registrar, that has now changed considerably with the DTVS for transfers-out if you're a Premier customer, and its double-auth at sign-in being available to anyone for over 2 yrs now has also helped

I am aware eNom has a double-auth system, security Qs, etc so it would be most concerning if their own database was what is being broken into. Scammers cannot do it all by themselves even if registrants take the bait in a phishing scam leading to their eNom acct, there also needs to be some type of vulnerability on the registrar's part, and in this case it appears there is one at eNom, big time. I basically use eNom for when I acquired names regged there, but renewal rates are preposterous unless you have one of their "sub" or reseller accts, so I end up moving them out before exp to other places. Funny, Name and Namecheap were two places I'd take my eNom names to, but since NC is a huge reseller for eNom I'll be looking into that carefully, they depend on eNom for many things and eNom is the real registrar for your names even when you only deal with NC. As to Name, now they're owned by Rightside, the spinoff domain co created by Demand Media recently, so eNom and Name now have the same parent co....tough choices to make if you decide not to do business with eNom, since other registrars and drop-catching giants like NameJet you may already do business with are part of the same conglomerate

 

[actnow]

Here is a major heist from Enom that was new to me until it was mentioned on DNJournal this week.
It happened 3 months ago and Ian still has not regained the domains.
I am not sure of the 3 domains market value but it has to be over million dollars.

Quote - DNF
" One other important note to pass along. Today - an old friend who is well-known throughout the industry, Ian Andrew of Traffic Names Limited (operator of DotcomAgency ,com) asked us to alert you that three premium 3-digit numeric domain names - 224.com, 452.com and 605.com - have been stolen from the UK company's registrar account. Should anyone offer to sell you these domains, do not buy them as you will almost certainly end up losing both your money and the domains."

It is a shame that Enom (a Rightside.co company) has deteriorated to this level.

If you want to get Enom's attention, get Wall Street attention. Start announcing the thefts using press releases. Wall St. and the financial press will notice press releases quicker than forum and blog notices.
Mutual funds avoid companies that have possible undisclosed financial risk from lawsuits.

What is curious is that I don't hear about hijacks from Fabulous. I wonder why? Is it because fewer valuable domains are with Fab? Or, do they some kind of internal oversight that notices unusual activity?