Is Godaddy.com the perfect host for domain thieves?
There has been a recent rash of fraudulent domain name purchases at forums such as Digital Point.
One or more scammers are using phishing techniques to acquire the usernames and passwords of forum members and then capitalizing on the hacked members good will and purchasing domain names from other , unsuspecting members.
It appears that the scammers are targeting 4 letter .com’s and at this point are solely paying via paypal. It also appears the scammers are targeting only domains which are registered with Godaddy.com.
Godaddy.com is the largest domain name registrar so it is not hard for the scammers to target domains registered with Godaddy however it seems there is a more devious reason to target Godaddy.com domain holders using Paypal.com as the payment method.
So how does the scam work?
- The scammer acquires the forum members username/password.
- He/she responds to “domain for sale” post
- The scammer and domain seller agree on a price
- The scammer pays for the domains via Paypal.com. Probably from a hacked Paypal account.
- The seller receives the funds for the domain sale and “pushes” the domains into the scammers account.
- The scammer immediately does a chargeback
- The funds are removed from the sellers account and the domain names are gone
Initially, the seller will contact the buyer and in some cases the fraudulent buyer will make up some excuse such as “I’m sorry I need to use a different account. I will send the funds right away” which simply buys the fraudster a little time.
Once the seller realizes it is a scam the first step is to contact Paypal.com. Of course Paypal should be able to assist as they facilitated the payment. Unfortunately, the paypal account MAY have been hijacked in which case the funds are reversed back to the buyer. Whether or not the purchase was from a hijacked account or not is unknown but it stands to reason it was from a hijacked account.
This leaves the seller with no domains and no money so the next logical step is to contact Godaddy.com and apprise them of the situation.This is where it gets really interesting!
In most of the cases we have witnessed Godaddy has not offered much in the way of assistance. In fact, Godaddy has allowed the scammer to keep the domains and suggests contacting local law enforcement. But is it Godaddys job to protect the domain seller? In these cases, no. The seller approved the transfer into another Godaddy account. Who’s to say that the person requesting the domain back is not actually the trying to steal the domains?
So what can you do if you are the victim of this type of domain theft?
- Be vigilant! Stay on top of Godaddy. If the first rep is of no help continue to call back until you get a rep who at least attempts to assist you
- Follow the name. The new owner cannot transfer out of godaddy for 60 days however the scammer may be trying to sell it elsewhere. Search google regularly!
- Post the stolen domain at all of the major domain forums including DNforum.com, namepros.com, sitepoint.com, forums.digitalpoint.com, webhostingtalk.com, domainstate.com, domainnameforum.com, discussnames.com, acorndomains.com plus any others you can find!
- Search all of the domain sales venues including ebay.com, sedo.com, afternic,com as well as auction houses like pool.com.
- If you see the domain for sale contact the venue and let them know the name was stolen.
- In the event the domain is sold contact the new owner. Although this person may not want to get involved in many cases the new owner may be willing to assist you. Be polite and convincing when you tell them you are in the process of filing a dispute so you may regain control of YOUR domain. Since the new owner stands to lose their money AND the domain he or she may become your best ally.
Unfortunately, it is next to impossible to keep yourself 100% protected during a domain sale but there are ways to make it harder to be scammed.
- Use escrow services such as escrow.com when possible
- Require the buyers shipping address when using Paypal and send the domain access information via fedex
- Research the buyers background. If it is a stolen account it is possible there are inconsistencies. Does this user typically buy domains? Is the users writing style consistent with the writing style in older posts?
- Has this user been on a big buying spree?
Remember due diligence is your best protection!
