|Domain name theft|
Last month, a domain name of mine was stolen, by it being "transferred" to another person who had an account with the same registrar as I.
I did not authorize the transfer of ownership of my domain.
The pending transfer of registrant notice and the completed transfer notice emails were sent to my email address, in the very early hours of a morning (EST) and about 20 minutes apart.
I did not receive any other emails before these two.
Upon seeing these emails, I contacted the registrar (a big one) straightaway and they then advised me that the only way this could have happened is if the new owner knew my login information.
My login and password were not at all easy to guess and therefore, I suspect that there was inside involvement from the registrar.
Is there any other way my account information could have been obtained?
I use a Mac and do not write down any of my login information or use my account away from home.
My registrar then asked me to fill in a form and provide further security information on myself, but I was not willing to provide all the information requested (including agreeing not to sue them/take action etc.) since I believed that there could be security issues at the registrar and sending them further important identifying information jeopardizes my security even further, apart from the fact that they have no basis to ask for such information.
The fact that I have been the sole registrant for several years and testify that I did not agree to change the domain registrant should be enough for the registrar, but why does the registrar not take action to obtain evidence from the thief as to what authority they had to obtain the domain name?
The registrar informed me that I now have to apply to an ICANN-approved arbitration provider, which for the USA means WIPO and who charge a lot of money before they will take on a case, money that I cannot afford to pay and money that I doubt I will be able to recover from the thief.
I have contacted ICANN by email and voicemail, a few times now, but they have not made contact with me. Their website doesn't seem to offer any help to domain owners as to what to do in such a case.
I would like as much help as possible from anyone as to what options are available to me and what I should do next.
I am extremely upset over this matter and feel I have nowhere to turn.
Thank you in advance for any help.
Opinions are certain to differ, but assuming that you are located in the same country as the registrar, I would do the following.
1) Notify the registrar clearly and simply that you consider that a crime has taken place.
2) State that you believe that an employee of the registrar was either negligent or complicit in the crime.
3) Give the registrar 48 hours to correct the mistake stating clearly that if the domain has been transferred to another registrar that you still require them to take all possible actions to recover the domain or else you will
4) Go to the police and report the crime as theft and seek legal advice. Also state that you will hold the registrar liable for 100% of all costs incurred, loss of earnings and, say, $100 per hour for your own time (you'll need to keep a diary if you plan to follow through on this).
Keep the language plain, simple and business-like.
Retain a lawyer in the jurisdiction where the domain registrar is headquartered/"domiciled" and set that lawyer to the task of protecting your interests.
I agree with both of the above. If you don't have the funds to do as Webwork suggests then follow kaled's post to see if you can get it done. If you can't get them to fix the theft in 2 weeks you had better do as web suggested ASAP.
One and only one good thing you have going: it was within the same registrar and you have 60 days before it can be moved to another registrar.
Webwork: I cannot retain a lawyer and pay them market rates as I do not have the money.
Furthermore, the chances of my recovering any lawyer's fees, through further lawyer action, are tiny to zero.
Kaled: Thank you for your advice.
Can you tell me:
Which Police station do I go to and do I need to physically go there?
Is it my local station where I live, the one where the registrar is based, or another?
If so, who do I speak to and how do I register this crime?
I live in the UK, so I can't advise on details with respect to the US. However, my guess would be that you can report any crime at any police station.
The first action is to get tough as I outlined above. In my experience, there is about a 50% chance of success (with companies in general, not registrars) provided you keep your message short, simple and professional. Since you have already corresponded with the registrar, you may have already indicated that you don't know how to handle the situation, so you should also state that you have taken legal advice.
Do I have a time limit for addressing this issue or reporting it to the police etc?
You need to act quickly for practical reasons but I doubt you are in any danger of running out of time technically.
You must think of this rather like someone taking an unauthorised payment from your bank account. Sure, it's illegal, but you have to try to sort this out yourself first - the police are your LAST resort.
Before you can expect any help from the police, you must establish that it's not a clerical error and the registrar must state clearly that they refuse to reinstate the domain name. When you have that statement, you can, in theory, take it to the police, but you will have to be very organised and will have to be able to explain clearly and concisely (with details, dates, copies of emails etc. in a file - at least two copies) what the problem is and what steps you have taken to correct it.
In addition, you may need to take out an injunction to ensure that the domain is not transferred to another registrar. You may be able to do this without a lawyer - I don't know.
For the purpose of explaining the problem to the police...
1) A domain name is a piece of electronic real estate.
2) A registrar is a licensed repository for the deeds to said real estate.
3) The crime alleged is that the registrar has transferred the deeds without consent and refused to return them.
Hopefully, this explanation will be simple enough for the officer you see initially to understand and he/she should then be able to direct you to the right dept. However, don't expect them to be keen to help because they won't be. Clearly, theft has occurred, but no one has been hit over the head, etc.
Is it worth using sites like <snip> to register the theft?
Also, my local police station aren't interested in registering the theft.
They tell me it's a civil matter.
[edited by: buckworks at 10:54 pm (utc) on Jan. 26, 2010]
[edit reason] NO URLs please; see TOS [/edit]
If they are large they are probably an ICANN-accredited registrar.
According to the ICANN website registrars are required to act as follows in the event of a dispute.
Source of quote: ICANN FAQ
All ICANN-accredited registrars follow a uniform dispute resolution policy. Under that policy, disputes over entitlement to a domain-name registration are ordinarily resolved by court litigation between the parties claiming rights to the registration. Once the court rules on who is entitled to the registration, the registrar will implement that ruling. In disputes arising from registrations allegedly made abusively (such as "cyber-squatting" and "cyber-piracy"), the uniform policy provides an expedited administrative procedure to allow the dispute to be resolved without the cost and delays often encountered in court litigation. In these cases, you can invoke the administrative procedure by filing a complaint with one of the dispute-resolution service providers.
From what I am reading here I would start by invoking the administrative procedure by filing a complaint with one of the dispute-resolution service providers. There is a link right under this entry in their FAQ.
There is also an ombudsman you can email for info.
[edited by: Demaestro at 10:24 pm (utc) on Jan. 26, 2010]
Getting the police to act may not be easy, but THEFT IS A CRIMINAL ACT; it is never, ever, ever a civil matter - the police say things like this when they can't be bothered. Companies say things like that to dissuade you from taking actions you can afford. By any definition this is theft rather than a dispute between two parties - you did not enter into any negotiations, etc. It's not the case that a lawyer screwed up or something like that; it is theft plain and simple - it is no different to money being taken from a bank account by hacking.
In the UK, at this point you could take it up with your local member of parliament (who could more or less force the police to act) however in the US, I can't comment further.
Demaestro: I mentioned in my original posting that I cannot afford to go the arbitrator route, which for western people means WIPO, as they require hefty fees to be paid, by me (the victim) before they will take on a case.
This option is a non-starter for me or for most people and really is only an option if you are a company and have the funds.
Are there any dispute-resolution providers who don't charge fees or very small fees (less than $50)?
I have checked:
The National Arbitration Forum
The Czech Arbitration Court
I haven't looked at the Asian providers as I thought they were only for Asian domains/IDNs.
Maybe your email security was breached.
Email server, email provider, DNS MX, local ISP, saved email on your machine, ...
It's really bad news. But contact the domain name server with the bills and reports to get your authority.
Silver, sorry I read this
|expedited administrative procedure to allow the dispute to be resolved without the cost and delays often encountered in court litigation. |
And thought it meant there was no cost but I see now that it just says without the cost of court. I didn't think that there would be a cost to go through that procedure.
This may be a huge long shot but have you tried contacting the person that it was transferred to. He may be willing to work something out with you.
This is a horrible situation and I know it is one that could happen to most of us. I had an issue with a domain and it took a year to resolve. In my case though I lost ownership to the host company itself, who transferred it to a different company but same owner group. I was lucky though, they never changed my name-servers so my site stayed up during the resolution process.
Creeking: I do not write down nor retain any login information on my computer, any email account, or any electronic device, etc.
Demaestro: I don't think there is any point in contacting the thief. They have made themselves clear to all by their actions, otherwise they would not have committed the crime.
SilverShine, I am so sorry you're going through this mess. Don't give up; call the registrar every day, file a disputed domain form with them, keep the domain from being transferred at all cost.
Call the registrar; don't talk to customer service, ask for another level. If you don't get the response you're looking for, demand to go higher.
Take a sick day from work; stay on the phone ALLLLLLLL DAY if you have to. Don't ask, demand some action to be taken, at the very least a hold on the domain name. Don't give up: fight fight fight, call call call alllllll day long.
I know the registrar can see the IP that changed the account. I know they can see this looks strange. You have to press hard; stay on them until some action is taken.
Since I believe the registrar is implicated, or at the very least negligent, accusations that they totally deny, there is no point in speaking with them about anything, since they will just keep denying and keep saying they can do nothing for me.
There are only 2 possibilities in my view:
1. Someone at the registrar held the thief
2. The registrar has security issues.
The registrar has already behaved unprofessionally and is disinterested in this matter.
I have read that they have had lots of domain name thefts.
I will not use them ever again.
I cannot afford to take time off just to call these jerks.
I won't lie to my employer.
Apologies: In 1 above, I meant "helped the thief".
I wish my mistake was true though!
Who said lie to your employer? Tell them the reason for the day off. I said sick day but you can call it an emergency.
Looks like from your post it is a done deal and you're moving on. Be a cold day in he-- before I would.
I have not accepted the theft nor given up on what I can do.
Can I ask for recommendations of registrars, those with the best known security?
I don't need hosting or anything else above domain registering, just a solid, secure, reliable & genuine company who don't and won't screw their customers over.
Thank you for any pointers.
I think we've exhausted the core issue of this thread and I really don't want to now veer into voting/endorsing one registrar over another for "their security".
If any registrar was really bad chances are, with the way the Web works, they wouldn't be in business for long because word would get out.
You are probably on secure footing with most any of the larger direct seller registrars. All the more so if you take steps to protect your account: Difficult password. Reliable and protected email account. Routine monitoring by yourself and the registrar's systems (expiration alerts, etc.).
Time to put this baby . . err, thread . . to bed.
Just for the record, I just purchased the best security program for the Mac and all it found on my computer were 5 Tracking Cookies and all belonging to well known companies.
I therefore have no security problem on my Mac, as I believed to be the case.
Thank you to everyone for your advice.
Finally, webwork, the word HAS got out about this registrar as I am finding lots of references, stories, websites, blogs, etc., of other people who have been subjected to all kinds of poor service, security breaches and domain name thefts by the same registrar I am with and whom I am about to abandon.
I am quite shocked and very unhappy to discover that there is not, effectively, any actual recourse open for a domain owner who has had their domain name stolen and which is free or low cost (as it should be for victims).
ICANN and their so called "independent arbitration providers", are not interested in domain name theft, at least not at the low level, and their fees are an obstruction to justice. I received zero help/response from them.
I have all the security measures in place that you listed in your final posting and following what I have read and experienced, this registrar is well aware of its security breaches (and has done for some years now), and of the MANY domain name thefts from its customers that have occurred and which have been documented.
Therefore, they are clearly 100% culpable in the theft of my domain name.
|I am finding lots of references, stories, websites, blogs, etc., of other people who have been subjected to all kinds of poor service, security breaches and domain name thefts by the same registrar I am with |
SilverShine advised me that he did his research before choosing this registrar, but that his registrar's reputation and/or services - as stated above - appears to have lost some of its shine over time.
Therein lie the final lessons of this thread: It's the Web. Do a few searches before doing business. Search today for reputation information relating to any business with whom you have an ongoing relationship - before that bad reputation catches up with you. Registrars can change ownership and service can begin to slide.
If the registrar is starting to fall down on the job it's not long before word starts getting out in the domain forums (where they let you post specific grievances), on the blogs, in the domain news aggregators.
Unfortunately, in the realm of domain name losses, most complaints are posted anonymously. Any number of complaints can be competitors making noise, people blaming a company for their own mistakes, people trying to punish companies for perceived wrongs, etc.
I personally have seen people arrive in domain forums for the sole mission of going on and on about a specific domain registrar, as if by complaining loud enough and long enough they might extract their pound of flesh. Unfortunately, people tend to turn a deaf eye / blind eye to these threads as they tend to be feckless endeavors.
WebmasterWorld's members have done their best to be of assistance to you, SilverShine. Unfortunately, our best isn't good enough to fix the problem.
Hopefully your story will cause others to take a second look at their current service provider so they don't end up in the same situation.
Good luck in the future SilverShine.
This thread is now being locked.