so, I wasnt sure which forum to post this in but it seems themost appropriate. So, i regged a pretty generic keywordverb.co.uk which has previously been registered, but expired. Anyway, I do a catchall on all domain email, mainly to find out how spammed the domain is. Natrually, I end up getting emails regarding ebay, paypal, amazon etc accounts, where the previous user of the domain/email address has not updated their account. Maybe an overseight, maybe lazy, etc. I dont monitor the inbox as I get sometimes over 1000 emails a day, 99.9% of it spam. Anyway, about a month ago, I got an email through thte contact form of the domain, from a previous owner of a domain, saying they were previous owner and that someone has tried (but didnt succeed) to gain access to their <platform> account. (not me!), they then went on to say they've contacted action fraud, police, nominet etc. At this point, tbh, the person just seems a bit IT illeterate, anyone can attempt a password reset using an email address, not just the person who has access to it. I didnt bother replying, as I saw the message about 4 days after they sent it. However, I thought i'd check the inbox where I forward all catchall mail to, keep in mind theres hundreds if not thousands of emails going into this inbox every day. Around the time they claimed, there were emails from amazon about resetting the password, sure enough someone had tried. Firstly, I'm not worried about the accusation in itself, the person is just a bit confused. But, since then, my registrar has asked me to validate (photo ID) the contact details for the domain (which are correct, as they are for all of my domains), so I'm guessing this person has done something which would have caused this. One grey area is that my mobile number wont ring, as I'm abroad and only receive SMS unless I add credit. I can update the contact details with a voip number I guess. But this is not part of the data validation request anyway? Could it be that someone at nominet or even the police would call me over this? I'd be interested in the call tbh, but it seems ridiculous that they would take a bogus password reset request seriously! Any tips here? Cheers!