Not Godaddy breach, it looks like gmail breach the guy even says it... and as long as they follow procedure for the transfers, no red flags going up there!..
Yip it appears the owner used a gmail account for admin contact. My partner and I lost qp.com 10 years ago before there was any such thing has gmail and netsol was the only registrar. My partner changed the nameservers for the name to some czech hosting company (a friend of my partner supposedly) and he was told the best thing to do was create an admin email account using from there the hosting company redirected all emails to themselves and the transfer was made. We never saw the name again.
Ouch...that made my stomach hurt.....
I don't think I'd be able to sleep at night if I lost a domain like that,.
I'd probably still be chasing him.
Crazy world we live in these days......nothing is safe!..
Domaining world is getting scarier... :-(.
Better signup for a name monitoring service and subscribe using a different id.....
VL.com got jacked too... Domain Name Wire News VL.com Domain Name Stolen, Too. Heres the Inside Story. - The Domain Industry's News Source..
This is becoming like a bad reality TV show!..
Change your account passwords regularly is the biggest suggestion.
Scan your computers for viruses, trojans, spyware and etc. Post added at 12:16 AM Previous post was at 12:12 AM UPDATE Guys about stolen YH.com domain YH.com : *S! - xx???R - xx??x}R axx???R,xx??x ,xx??,xx? ? S,xx??*9 - Powered by Discuz!..
Well, in the VL.com case, as in the Baidu.com case it looks like the issue is the host itself.
You can only do so much if your host is going to turn over your info through incompetence.
I will say this again -.
GoDaddy.com does offer advanced security features for Executive Account holders. I am not sure what the current requirements are to get an executive account, but the added security alone is worth applying if you qualify.
Read the comments on that Chinese forum. One of the members claims to have stolen the domain and is selling it. Another member says "I have to steal one to! "..
I can't view them...they are all boxes except the main post..
"On Tuesday I was contacted by someone from Iran using the same anonymiser IP address as the attacker offering to help recover or purchase my domain. He curiously had a portfolio of 2-letter domains.".
Those nice Iranians, always willing to help!..
95% of these issues are coming for a handful of countries. They need to go after these criminals more aggressively with much harsher punishments.
Again another user using a free email host. THIS IS VERY INSECURE. GMAIL has been breached many times and on a few of those occassions the person did not need to know the username/password, they simply used an xss exploit to gain access.
People should really wise up about security, expecially when they have domains that are quite valuable. Post added at 08:10 PM Previous post was at 08:08 PM My sig links to an article I wrote last year that has some good common sense (but easily forgotton) rules.
If you have valuable domains also looks at other services your registrar has. Many have services that you can pay for that make your domains harder to transfer (many of them requiring a phone call or a fax etc)...
Hi peter, can you share with us what kind of email service is safe, or at least safer than hotmail/gmail? A recommendation would be nice.
Firstly steer clear of the free ones. If you have your own hosting on a trusted service make it an email address for 1 of your domains. Ideally ensure that the registrar signup email address is not on 1 of the domains that the registrar has on their system.
Ensure that the address you use for the whois of a domain is different than the email you use for your registrar signup (ideally do not use this email for signing up to non official services either). Also try to ensure they are different providers.
By making the emails different and ensuring they are delivered by different providers makes it harder for anyone who is attempting to get your domains through a phishing scam. If they manage to get hold of your whois email they have will not get very far if the registrar email is different as they could not use the forgot password system, and if the domain is locked they will not be able to do anything.
Also if you use imap or webmail ensure that the email does not contain any emails that has anything personal in it as some forgot password systems allow you to retrieve the details without the need to send an email and they use personal information to do this.
Also ensure that if your registrar has a security question and it allows you to set up your own question, make up the most obscure question as you can that only you will know the answer too.
Make sure you also monitor both the email accounts you used for whois and the registrar signup. If you for any reason are unable to access 1 of them double and triple check the accounts have not been compromised...
Everything online can be breached, hacked or exploited, it's just up to the user and the systems to make it harder for them to get through. In this case first and foremost with this kind of domain, i'd seriously think about having my admin emails on free email providers,..