Results 1 to 25 of 99
-
04-19-2005, 09:51 AM #1Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Godaddy helped someone hijack my account and steal my domains
Last night, as I was working, I started receiving emails from my godaddy account stating that my domains were being unlocked, and transferred. I immediately tried to login to my godaddy account. My email and password were no longer valid on my account. I called Godaddy's support number and explained to them that someone had broken into my account, changed my info, and was transferring domains away as we spoke. The rep told me there was nothing he could do about it, and I'd have to contact WIPO if I wanted my domain names back. In fact, he wouldn't even let me change my domain account info back to my own info. Apparently, his stance is that if someone hacks your account and changes the email and password, that means it now belongs to them, and not you.
Someone is hacking my entire domain account at Godaddy, and I have to contact WIPO? I don't think so. I demanded to speak to a supervisor. The supervisor helped change my email and password back so I could login, but not until after he talked for a half hour, repeating over and over again that he couldn't do it. All the while, domain names were being stolen from my account, one at a time, as I watched the notification emails pouring in telling me how my domains were being unlocked and transferred. Is this not like sitting on the phone with a cop who doesn't want to come out to your business, while someone is loading merchandise out the front door as you speak? Would the cop just tell you to make an insurance claim?
After I was able to login, I noticed that the domains were no longer even present in my domain list, so I could not change my info back on them. The supervisor told me that the domains were transferred to another Godaddy account, so they would immediately disappear from my account. I asked him to transfer my domains back from the hacker's account. He said no. Even though he had the domains at his fingertips, within his own system, he refused to help. It's not like they were transferred to another registrar. The hacker had the guts to use the same registrar to transfer them. I asked him how this hacker was able to enter my account. I wanted to know who called in and pretended to be me, and who the rep was that helped them to steal my account. He told me that one of his own employees (I have his name now) did it. So, his employee at Godaddy aided someone in stealing my entire domain account with dozens of domain names. The supervisor (I have his name too) told me he couldn't do anything about it.
So, a Godaddy employee aids another person in stealing my entire domain account, and godaddy does nothing but protect their employee who performed this honorable deed. They see nothing wrong with what happened, and think that they have no responsibility in the severe security breach of their own employees and their own ridiculous security flaws. I've heard of problems with security at Verisign, but I've never once heard of anything this blatant and ridiculous happening with a registrar. What kind of security does Godaddy have that they let their own employees give away not just your domain names, but your entire domain accounts?
If anyone knows anything about the legality of this situation, I'd appreciate the information. My domain names have been stolen. My domain account was stolen. Godaddy aided the thief. I want those responsible to be prosecuted, big time.Last edited by GDiddy; 04-19-2005 at 09:57 AM.
-
04-19-2005, 10:07 AM #2Web Hosting Master
- Join Date
- May 2004
- Posts
- 4,076
You can complain about it to ICANN via this link:
http://icann.org/compliance/
Otherwise, only legal assistance can help you. Theft is theft, after
all.
Of course, be prepared to prove it. And you might want to post
this interesting thread in other domain forums.
-
04-19-2005, 10:10 AM #3Web Hosting Master
- Join Date
- Feb 2003
- Posts
- 5,400
Someone did a similiar thing recently at godaddy, I think it was mall.com
Domain Maven
-
04-19-2005, 10:16 AM #4Web Hosting Guru
- Join Date
- Apr 2004
- Location
- Chicago, IL
- Posts
- 288
Another obvious example of why not to use GoDaddy. Something similar happened to me at Enom - although it was a little more complicated and involved one of my subaccounts, but when I called they moved everything back to me immediately.
GoDaddy's prices are nice, but their policies and support just flat out sucks.No Signature Required
-
04-19-2005, 10:19 AM #5Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
This is not good, I just emailed a complaint to registrar@icann.org and it bounced. It says user is unknown. That is the email that they give on the website.
-
04-19-2005, 10:26 AM #6Web Hosting Master
- Join Date
- May 2004
- Posts
- 4,076
Try this one: http://reports.internic.net/cgi/regi...lem-report.cgi
Can you post 2 more times so I can PM you an interesting link
from another forum? I don't know if I can post a link from another
domain forum here as it might be in bad taste, but that forum has
a new topic you might be interested in.
Originally posted by dmaven
Someone did a similiar thing recently at godaddy, I think it was mall.com
the original owner, is hoping it'll be returned ASAP.
-
04-19-2005, 10:32 AM #7Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Sure, here is one post.
-
04-19-2005, 10:43 AM #8Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
And here is the second.
-
04-19-2005, 10:50 AM #9Web Hosting Master
- Join Date
- Aug 2002
- Location
- here
- Posts
- 1,566
One more, need 5
Dave
-
04-19-2005, 11:04 AM #10Retired Moderator
- Join Date
- Jul 2002
- Location
- Kuwait
- Posts
- 10,620
Originally posted by dmaven
Someone did a similiar thing recently at godaddy, I think it was mall.com
how sick godaddy don't help people to claim their domains back!
also reminds me of case.com which still unclaimed!Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar
Twitter: Bashar Al-Abdulhadi
-
04-19-2005, 11:07 AM #11Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Ok, here's number 5!
-
04-19-2005, 11:12 AM #12Retired Moderator
- Join Date
- Jul 2002
- Location
- Kuwait
- Posts
- 10,620
btw as per the rules you're not allowed to spam to increase number of posts
but since its for help purposes i'll have to let this pass
good luck in returning your domain back!Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar
Twitter: Bashar Al-Abdulhadi
-
04-19-2005, 11:23 AM #13Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Sorry, it won't happen again.
-
04-19-2005, 11:41 AM #14Texan at Heart
- Join Date
- Jul 2003
- Location
- Castle Pines, CO
- Posts
- 7,189
Originally posted by davezan
Try this one: http://reports.internic.net/cgi/regi...lem-report.cgi
Can you post 2 more times so I can PM you an interesting link
from another forum? I don't know if I can post a link from another
domain forum here as it might be in bad taste, but that forum has
a new topic you might be interested in.
Yup, and it's currently being worked on. A lot of people, especially
the original owner, is hoping it'll be returned ASAP.
GDiddy - I sure hope you get your problems worked out. I got a similar email the other day about myself requesting my password - which I know I did not. I immediately went in & changed it.
-
04-19-2005, 12:50 PM #15Web Hosting Master
- Join Date
- May 2004
- Posts
- 4,076
Thanks Corey!
Okay, GDiddy, register and confirm your signup at namepros.com,
then post your plight at the Legal Issues & Disputes section. But
again, you have to be ready to prove what happened.
That forum just released a new registrar review section, too.
-
04-19-2005, 12:59 PM #16Web Hosting Master
- Join Date
- Sep 2003
- Posts
- 1,916
It is sad. GoDaddy still worthless despite this happening time and time again.
http://www.webhostingtalk.com/showth...hlight=brs.net
-
04-19-2005, 01:24 PM #17Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Thanks. I tried to post on dnforum, but after spending 10 minutes going through their registration process, it will not let me post a new thread.
-
04-19-2005, 01:27 PM #18Retired Moderator
- Join Date
- Jul 2002
- Location
- Kuwait
- Posts
- 10,620
dnforum is a paid forum not free like most others...
Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar
Twitter: Bashar Al-Abdulhadi
-
04-19-2005, 01:30 PM #19Texan at Heart
- Join Date
- Jul 2003
- Location
- Castle Pines, CO
- Posts
- 7,189
Ah sorry - not exactly why I never had any problems posting over there or paid them any money. I do not follow some of those *** much as others.
-
04-19-2005, 01:59 PM #20Web Hosting Master
- Join Date
- Feb 2005
- Location
- Northern VA
- Posts
- 1,582
I'm surprised that this is happening and there hasn't been any press on this other than complaints in forums.
Gdiddy - if you can document what happened pretty well you ought to go to some prominent internet news sites and get your story out.
I'm a bit concerned now myself but I add private domain protection on my account too which should protect it a bit more from having the admin contact information changed.
I'm starting to think I should just transfer all my domains that I have in Godaddy to another account.Rich
Husband, Father, Retired Marine, Geek
-
04-19-2005, 02:23 PM #21Junior Guru Wannabe
- Join Date
- Sep 2004
- Posts
- 99
I am thinkin the same thing. Get the word out this is really bad stuff
-
04-19-2005, 02:40 PM #22Junior Guru Wannabe
- Join Date
- Jun 2003
- Location
- USA
- Posts
- 31
GDiddy,
You mentioned that a GoDaddy employee helped to "steal" your account. Did they reset your password/update your email address over the phone with this person? But why would you still receive emails about the domains unlocking if your email address changed? I though GoDaddy sends all password resets via email? Is your email password the same as your GoDaddy account?
I would be concerned with how they posed as yourself, this person may have enough personal information on you to do this again (ssn #, family/pet names etc...)
-
04-19-2005, 03:01 PM #23Junior Guru Wannabe
- Join Date
- Apr 2005
- Posts
- 49
Originally posted by HXM-Jacob
GDiddy,
You mentioned that a GoDaddy employee helped to "steal" your account. Did they reset your password/update your email address over the phone with this person? But why would you still receive emails about the domains unlocking if your email address changed? I though GoDaddy sends all password resets via email? Is your email password the same as your GoDaddy account?
I would be concerned with how they posed as yourself, this person may have enough personal information on you to do this again (ssn #, family/pet names etc...)
With my receiving emails, my guess is that Godaddy's login email is different from their notification email. They were set as two different email addresses. Also, the alternate address was listed as contact email on my domains that were stolen.
-
04-19-2005, 03:25 PM #24Web Hosting Master
- Join Date
- Aug 2002
- Location
- here
- Posts
- 1,566
Time to move all my domains away. Im thinking enom looks like a good place. /me searches for a ETP
Dave
-
04-19-2005, 11:40 PM #25Junior Guru Wannabe
- Join Date
- Mar 2004
- Posts
- 38
Originally posted by DevilDog
I'm a bit concerned now myself but I add private domain protection on my account too which should protect it a bit more from having the admin contact information changed.
I'm transferring my personally important domains to Moniker. I hope my GoDaddy account not hacked until it's completed.