Domain Forum from Acorn Domains

Today's Drop Dates are: 24-06-2014 or 01-07-2014   All times are GMT +1. The time now is 01:13:27 PM.
Domain Sales Prices Services Offered Domain Drop Dates
Go Back   UK Domain Forum Acorn Domains > Domain Name Disputes & Scams > Domain Name Scams

Domain Name Scams Report and discuss domain name scams, stolen domains and suspect ebay listings.

Closed Thread
 
LinkBack Thread Tools Display Modes
Old 29-03-2011, 10:39:13 PM     #1 (permalink)
Junior Member
 
Join Date: Mar 2011
Posts: 6
boogle is on a distinguished road

Angry Nominet account theft

Hello everyone,

I’ve recently had an unsettling experience with Nominet that makes me question the safety of my UK domains. I don’t want to go too deep with specifics because this investigation is still on-going. Anyway, I own about 40 UK domains, all them being 1 and 2 word domains, and a few days ago I couldn’t login to my Nominet account – after several unsuccessful login attempts I decided to change my password using the “Access Your Account” section of Nominet. After waiting 24 hours and still no reply I decided to check my account with my registrar and that’s when I noticed one of my UK domains had vanished from my account. To cut a long story short, someone had changed the email address associated with my Nominet account and reset the password to gain access. Then transferred one of my domains into a separate Nominet account, re-tagged it and then transferred it again into their own Nominet account. I could have lost all of my UK domains but I got Nominet to lock the account before anything else could be re-tagged.

What I wanted to know more than anything was “how did they manage to reset the email address associated with the Nominet account?” Nominet said it was done by my registrar!? But I thought registrars couldn’t alter the details on a Nominet account but apparently, according to Nominet, they can change anything accept the whois details (ownership info).

Anyhow, my question is this; “Can a registrar change the admin email associated with a Nominet account?” If so, how without permission from myself?

I now know the person responsible for all this and I want to prosecute. Just to clarify, they’ve fraudulently gained access to my account which has all my person details listed, then change my details to their own, transfer one domain out of the account and pay the £10 transfer charge, then leave my account in limbo. Who knows what else they would have done if I didn’t get Nominet to lock it down. I had to write a letter to Nominet explaining the situation before they released my account back to me, which they did today, but I will have to wait while Monday before I get the stolen domain back.

My main goal is to find out how this happened, how this can be prevented from happening again and to sue the hell out of the thieving git who stole my domains.

Any advice would be greatly appreciated, especially with the suing part. Do I contact the cyber division of the police!?

Thanks for reading.
boogle is offline  
Old 29-03-2011, 10:45:47 PM     #2 (permalink)
wb

 
wb's Avatar
 
Join Date: Mar 2009
Posts: 2,053
wb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond repute

Quote:
Originally Posted by boogle View Post
Anyhow, my question is this; “Can a registrar change the admin email associated with a Nominet account?” If so, how without permission from myself?
Yes, they can. My guess is that someone has either contacted the registrar pretending to be you, or has gained access to the account you hold with your registrar and updated the admin email themselves.

Quote:
Originally Posted by boogle View Post
Do I contact the cyber division of the police!?
It has never happened to me, but I would assume as it's theft and therefore a criminal offence you would be able to report it to the police. With regards to civil law, best you take legal advice to find out what exactly you would be able to seek damages for.

Most important thing is to keep full evidence and as much documentation you can get as proof for when it's needed.

If you are concerned about security you could always apply for your own registrar 'tag' which would allow you further control over your domains.
wb is offline  
Old 29-03-2011, 10:46:37 PM     #3 (permalink)
rob
Founding Member
 
rob's Avatar
 
Join Date: Jan 2005
Posts: 6,058
rob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond reputerob has a reputation beyond repute

Who was the tagholder?
rob is offline  
Old 29-03-2011, 11:20:48 PM     #4 (permalink)
Junior Member
 
Join Date: Mar 2011
Posts: 6
boogle is on a distinguished road

Quote:
Originally Posted by wb View Post
Yes, they can. My guess is that someone has either contacted the registrar pretending to be you, or has gained access to the account you hold with your registrar and updated the admin email themselves.

If you are concerned about security you could always apply for your own registrar 'tag' which would allow you further control over your domains.
Thanks for the quick replies.

They definitely didn’t gain access to my registrar account – I’d know if they did because it logs all IP addresses that login to the account. They could have contacted the registrar pretending to be me, that’s certainly plausible.

I was hoping there would be a division of police that specialised with online crimes – I have a feeling the regular police won’t take it seriously.

Thanks for the info on applying for my own tag, didn’t know that was possible, I’ll look into it.
boogle is offline  
Old 29-03-2011, 11:21:26 PM     #5 (permalink)
Junior Member
 
Join Date: Mar 2011
Posts: 6
boogle is on a distinguished road

Quote:
Originally Posted by rob View Post
Who was the tagholder?
The tag holder was KEY-SYSTEMS-DE, I use Moniker. The domain that was stolen is now tagged with ENOM.
boogle is offline  
Old 29-03-2011, 11:21:31 PM     #6 (permalink)

 
Join Date: Dec 2006
Posts: 1,608
anthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond reputeanthony has a reputation beyond repute

Quote:
Originally Posted by wb View Post
...If you are concerned about security you could always apply for your own registrar 'tag' which would allow you further control over your domains.
Can't help highlighting that a tag shouldn't be necessary if a system is secure enough.
anthony is offline  
Old 29-03-2011, 11:26:17 PM     #7 (permalink)
Junior Member
 
Join Date: Mar 2011
Posts: 6
boogle is on a distinguished road

Quote:
Originally Posted by anthony View Post
Can't help highlighting that a tag shouldn't be necessary if a system is secure enough.
Just what I was thinking.

But who’s security? The registrar, Moniker, or Nominet?
boogle is offline  
Old 29-03-2011, 11:28:31 PM     #8 (permalink)
wb

 
wb's Avatar
 
Join Date: Mar 2009
Posts: 2,053
wb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond reputewb has a reputation beyond repute

Quote:
Originally Posted by anthony View Post
Can't help highlighting that a tag shouldn't be necessary if a system is secure enough.
Very true and I completely agree, however having a tag reduces a variable in the security of domains (i.e. external registrars).
wb is offline  
Old 29-03-2011, 11:30:14 PM     #9 (permalink)

 
invincible's Avatar
 
Join Date: Feb 2005
Location: The Island of Mustique, St. Vincent & The Grenadines
Posts: 2,585
invincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond reputeinvincible has a reputation beyond repute

Quote:
Originally Posted by anthony View Post
Can't help highlighting that a tag shouldn't be necessary if a system is secure enough.
Unfortunately it's not one system with just Nominet and the Registrant in the loop. There are Registrar's involved who [u]can[/U ]change the email address associated with an account. So that's a potential weak link in the chain, if they are persuaded to make changes to a Registrant account frauduently. From reading through what the original poster has stated, what didn't happen was a change of Registrant. One very good thing about.uk is in this kind of situation, one call to Nominet and everything will be locked and can be easily undone. That's not possible in gTLDs because Registrants never deal with the Registry.

Last edited by invincible; 29-03-2011 at 11:32:15 PM.
invincible is offline  
Old 29-03-2011, 11:45:51 PM     #10 (permalink)
Junior Member
 
Join Date: Mar 2011
Posts: 6
boogle is on a distinguished road

Quote:
Originally Posted by invincible View Post
Unfortunately it's not one system with just Nominet and the Registrant in the loop. There are Registrar's involved who [u]can[/U ]change the email address associated with an account. So that's a potential weak link in the chain, if they are persuaded to make changes to a Registrant account frauduently. From reading through what the original poster has stated, what didn't happen was a change of Registrant. One very good thing about.uk is in this kind of situation, one call to Nominet and everything will be locked and can be easily undone. That's not possible in gTLDs because Registrants never deal with the Registry.
The registrant was changed on the one domain that was illegally transferred out of my Nominet account. All the other domains where locked down quickly. The only reason I was easily able to get Nominet to transfer the stolen domain was because they could see the blatantly obtuse way it was stolen.
boogle is offline  
Closed Thread



Bookmarks

Tags
account, nominet, theft

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Similar Threads
Thread Thread Starter Domain Name Community Replies Last Post
adding domains to nominet account disruptive General Board 14 07-05-2010 11:06:24 AM
Domains in Nominet Account johnnyboy New Domainers 4 27-08-2009 09:12:09 PM


All times are GMT +1. The time now is 01:13:27 PM.


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.6.1
All content on Acorn Domains is member generated and is not moderated before posting. All content is viewed and used by you at your own risk and AD does not warrant the accuracy or reliability of any of the information. The views expressed are those of the individual contributors and not necessarily those of AD. Please contact us to report any issues or send a PM to "Admin".