Page 1 of 4 1234 LastLast
Results 1 to 25 of 99
  1. #1
    Join Date
    Apr 2005
    Posts
    49

    Godaddy helped someone hijack my account and steal my domains

    Last night, as I was working, I started receiving emails from my godaddy account stating that my domains were being unlocked, and transferred. I immediately tried to login to my godaddy account. My email and password were no longer valid on my account. I called Godaddy's support number and explained to them that someone had broken into my account, changed my info, and was transferring domains away as we spoke. The rep told me there was nothing he could do about it, and I'd have to contact WIPO if I wanted my domain names back. In fact, he wouldn't even let me change my domain account info back to my own info. Apparently, his stance is that if someone hacks your account and changes the email and password, that means it now belongs to them, and not you.

    Someone is hacking my entire domain account at Godaddy, and I have to contact WIPO? I don't think so. I demanded to speak to a supervisor. The supervisor helped change my email and password back so I could login, but not until after he talked for a half hour, repeating over and over again that he couldn't do it. All the while, domain names were being stolen from my account, one at a time, as I watched the notification emails pouring in telling me how my domains were being unlocked and transferred. Is this not like sitting on the phone with a cop who doesn't want to come out to your business, while someone is loading merchandise out the front door as you speak? Would the cop just tell you to make an insurance claim?

    After I was able to login, I noticed that the domains were no longer even present in my domain list, so I could not change my info back on them. The supervisor told me that the domains were transferred to another Godaddy account, so they would immediately disappear from my account. I asked him to transfer my domains back from the hacker's account. He said no. Even though he had the domains at his fingertips, within his own system, he refused to help. It's not like they were transferred to another registrar. The hacker had the guts to use the same registrar to transfer them. I asked him how this hacker was able to enter my account. I wanted to know who called in and pretended to be me, and who the rep was that helped them to steal my account. He told me that one of his own employees (I have his name now) did it. So, his employee at Godaddy aided someone in stealing my entire domain account with dozens of domain names. The supervisor (I have his name too) told me he couldn't do anything about it.

    So, a Godaddy employee aids another person in stealing my entire domain account, and godaddy does nothing but protect their employee who performed this honorable deed. They see nothing wrong with what happened, and think that they have no responsibility in the severe security breach of their own employees and their own ridiculous security flaws. I've heard of problems with security at Verisign, but I've never once heard of anything this blatant and ridiculous happening with a registrar. What kind of security does Godaddy have that they let their own employees give away not just your domain names, but your entire domain accounts?

    If anyone knows anything about the legality of this situation, I'd appreciate the information. My domain names have been stolen. My domain account was stolen. Godaddy aided the thief. I want those responsible to be prosecuted, big time.
    Last edited by GDiddy; 04-19-2005 at 09:57 AM.

  2. #2
    You can complain about it to ICANN via this link:

    http://icann.org/compliance/

    Otherwise, only legal assistance can help you. Theft is theft, after
    all.

    Of course, be prepared to prove it. And you might want to post
    this interesting thread in other domain forums.

  3. #3
    Join Date
    Feb 2003
    Posts
    5,400
    Someone did a similiar thing recently at godaddy, I think it was mall.com
    Domain Maven

  4. #4
    Join Date
    Apr 2004
    Location
    Chicago, IL
    Posts
    288
    Another obvious example of why not to use GoDaddy. Something similar happened to me at Enom - although it was a little more complicated and involved one of my subaccounts, but when I called they moved everything back to me immediately.

    GoDaddy's prices are nice, but their policies and support just flat out sucks.
    No Signature Required

  5. #5
    Join Date
    Apr 2005
    Posts
    49
    This is not good, I just emailed a complaint to registrar@icann.org and it bounced. It says user is unknown. That is the email that they give on the website.

  6. #6
    Try this one: http://reports.internic.net/cgi/regi...lem-report.cgi

    Can you post 2 more times so I can PM you an interesting link
    from another forum? I don't know if I can post a link from another
    domain forum here as it might be in bad taste, but that forum has
    a new topic you might be interested in.

    Originally posted by dmaven
    Someone did a similiar thing recently at godaddy, I think it was mall.com
    Yup, and it's currently being worked on. A lot of people, especially
    the original owner, is hoping it'll be returned ASAP.

  7. #7
    Join Date
    Apr 2005
    Posts
    49
    Sure, here is one post.

  8. #8
    Join Date
    Apr 2005
    Posts
    49
    And here is the second.

  9. #9
    Join Date
    Aug 2002
    Location
    here
    Posts
    1,566
    One more, need 5
    Dave

  10. #10
    Join Date
    Jul 2002
    Location
    Kuwait
    Posts
    10,620
    Originally posted by dmaven
    Someone did a similiar thing recently at godaddy, I think it was mall.com
    not only mall.com, they are 40 amazing domains this image was uploaded on other domain forum too http://www.image.sc/uploads/76b742b026.jpg

    how sick godaddy don't help people to claim their domains back!

    also reminds me of case.com which still unclaimed!
    Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
    Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar

    Twitter: Bashar Al-Abdulhadi

  11. #11
    Join Date
    Apr 2005
    Posts
    49
    Ok, here's number 5!

  12. #12
    Join Date
    Jul 2002
    Location
    Kuwait
    Posts
    10,620
    btw as per the rules you're not allowed to spam to increase number of posts

    but since its for help purposes i'll have to let this pass

    good luck in returning your domain back!
    Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
    Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar

    Twitter: Bashar Al-Abdulhadi

  13. #13
    Join Date
    Apr 2005
    Posts
    49
    Sorry, it won't happen again.

  14. #14
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    Originally posted by davezan
    Try this one: http://reports.internic.net/cgi/regi...lem-report.cgi

    Can you post 2 more times so I can PM you an interesting link
    from another forum? I don't know if I can post a link from another
    domain forum here as it might be in bad taste, but that forum has
    a new topic you might be interested in.

    Yup, and it's currently being worked on. A lot of people, especially
    the original owner, is hoping it'll be returned ASAP.
    Actually you can usually post links to other forums - you just can't tell people to build up their thread counts so you can PM them. Plus post the forum - it might help. The one I always go to is www.dnforum.com for help with issues like this

    GDiddy - I sure hope you get your problems worked out. I got a similar email the other day about myself requesting my password - which I know I did not. I immediately went in & changed it.

  15. #15
    Thanks Corey!

    Okay, GDiddy, register and confirm your signup at namepros.com,
    then post your plight at the Legal Issues & Disputes section. But
    again, you have to be ready to prove what happened.

    That forum just released a new registrar review section, too.

  16. #16
    Join Date
    Sep 2003
    Posts
    1,916
    It is sad. GoDaddy still worthless despite this happening time and time again.

    http://www.webhostingtalk.com/showth...hlight=brs.net

  17. #17
    Join Date
    Apr 2005
    Posts
    49
    Thanks. I tried to post on dnforum, but after spending 10 minutes going through their registration process, it will not let me post a new thread.

  18. #18
    Join Date
    Jul 2002
    Location
    Kuwait
    Posts
    10,620
    dnforum is a paid forum not free like most others...
    Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
    Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar

    Twitter: Bashar Al-Abdulhadi

  19. #19
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    Ah sorry - not exactly why I never had any problems posting over there or paid them any money. I do not follow some of those *** much as others.

  20. #20
    Join Date
    Feb 2005
    Location
    Northern VA
    Posts
    1,582
    I'm surprised that this is happening and there hasn't been any press on this other than complaints in forums.

    Gdiddy - if you can document what happened pretty well you ought to go to some prominent internet news sites and get your story out.

    I'm a bit concerned now myself but I add private domain protection on my account too which should protect it a bit more from having the admin contact information changed.

    I'm starting to think I should just transfer all my domains that I have in Godaddy to another account.
    Rich
    Husband, Father, Retired Marine, Geek

  21. #21
    Join Date
    Sep 2004
    Posts
    99
    I am thinkin the same thing. Get the word out this is really bad stuff

  22. #22
    Join Date
    Jun 2003
    Location
    USA
    Posts
    31
    GDiddy,

    You mentioned that a GoDaddy employee helped to "steal" your account. Did they reset your password/update your email address over the phone with this person? But why would you still receive emails about the domains unlocking if your email address changed? I though GoDaddy sends all password resets via email? Is your email password the same as your GoDaddy account?

    I would be concerned with how they posed as yourself, this person may have enough personal information on you to do this again (ssn #, family/pet names etc...)

  23. #23
    Join Date
    Apr 2005
    Posts
    49
    Originally posted by HXM-Jacob
    GDiddy,

    You mentioned that a GoDaddy employee helped to "steal" your account. Did they reset your password/update your email address over the phone with this person? But why would you still receive emails about the domains unlocking if your email address changed? I though GoDaddy sends all password resets via email? Is your email password the same as your GoDaddy account?

    I would be concerned with how they posed as yourself, this person may have enough personal information on you to do this again (ssn #, family/pet names etc...)
    Yes, they reset my email and password with the person who called them.

    With my receiving emails, my guess is that Godaddy's login email is different from their notification email. They were set as two different email addresses. Also, the alternate address was listed as contact email on my domains that were stolen.

  24. #24
    Join Date
    Aug 2002
    Location
    here
    Posts
    1,566
    Time to move all my domains away. Im thinking enom looks like a good place. /me searches for a ETP
    Dave

  25. #25
    Join Date
    Mar 2004
    Posts
    38
    Originally posted by DevilDog
    I'm a bit concerned now myself but I add private domain protection on my account too which should protect it a bit more from having the admin contact information changed.
    And it's just "a bit" more. With the last 4 digits of your credit card #, DomainsByProxy will also allow compromising your account.

    I'm transferring my personally important domains to Moniker. I hope my GoDaddy account not hacked until it's completed.

Page 1 of 4 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •