Needless to say, Bob wants his domains back and I've got no idea what to tell him. Bob's registrar claims the transfer was initiated from Bob's account (the one domain on that account they didn't steal was cancelled, so I'll buy that), but has otherwise not been particularly helpful thus far.
So I have several questions because I know my clients are going to ask and I don't know what to tell them.
Check, check, check the email address your client used as the email of record for that domain. Looks like a crime may have been committed. Sounds like a job for an attorney familiar with Internet laws, and/or the FBI. Your client's domain name account may have been hijacked by Alice.
You gotta give Alice props for the industrial espionage and the balls to register the domains using the same registrar Bob was using, but Bob is none-too-thrilled.
Without going into a very long back story to "set-up" my comment/suggestion, check with the Registrar to see/confirm if ALL of the communications (and resultant transfer actions) with the Registrar and "Alice" were via email, or if some (any) of them were verbal.
No, "verbal" shouldn't work, but... it does.
It does.
That it is the same registrar is the red flag for me.
Check, check, check the email address your client used as the email of record for that domain.
Unfortunately--and I didn't know about this until it was too late--the e-mail address used as the e-mail of record for the stolen domains was attached to the cancelled domain and hosted by the registrar under the same account. Domain was cancelled, e-mail account went with it. Or perhaps both were cancelled at the same time. Either way, I've suggested Bob add this to the list of information to request from the registrar. We'll see what we get.
check with the Registrar to see/confirm if ALL of the communications (and resultant transfer actions) with the Registrar and "Alice" were via email, or if some (any) of them were verbal.
Interesting; this was not an aspect I had considered. Will be sure to look into it.
You could try getting a threatening letter from a lawyer to Alice.
Lawyers are on the list of things I'm looking in to (if anyone has suggestions, we're all ears over here), but they're a last resort--Alice doesn't scare that easily, so Bob would have to both sue and win. Obviously, that's much less appealing than convincing the registrar to correct their own bloody mistake.
Obviously, that's much less appealing than convincing the registrar to correct their own bloody mistake.
If I am understanding you right I don't think that's being entirely fair to the registrar.
Why should they link the email address from a domain bob has allowed to drop to the domains Alice has taken w/o consent?
I think it might be more productive to explain the situation to the registrar and ask nicely if they could help. :)
Bob's registrar claims the transfer was initiated from Bob's account
register the domains using the same registrar Bob was using
They didn't use the same registrar because they were clever, they did it so they could do an internal push (transfer) instead of an external transfer. That's why the original registration date and expiration date didn't change. They probably got the password from the security question or other information.
Complain to ICANN about the registrar (part of registration fees go towards someone who is
supposedly answering the phone there for stuff like this) and/or UDRP for ~$2000.
ps. I had to laugh about the suggestion to call the FBI. That's like asking the police to take fingerprints of the area because someone stole your car. Good luck on getting them motivated for anything less than a murder. It's naive to think think law enforcement is about helping individuals - you'll be lucky if they don't start investigating you instead just for bothering them.
[edited by: amznVibe at 4:56 pm (utc) on Oct. 19, 2007]
I had to laugh about the suggestion to call the FBI. That's like asking the police to take fingerprints of the area
That's poor advice. Couldn't be more shortsighted. Immediately reporting a crime sets in motion a paper trail that will be useful to you for insurance, business, and accounting reasons, as well as help cover your back against future claims from fraudulent activity and debts that may arise from this incident.
Good luck on getting them motivated for anything less than a murder. It's naive to think think law enforcement is about helping individuals-
My brother literally broke his body hopping over fences, wrestling criminals, and chasing down crackheads, dealers, rapists, muggers, molesters and other suspects. Go on a ride-along before you opine on people you have no actual knowledge or experience of.
They didn't use the same registrar because they were clever, they did it so they could do an internal push (transfer) instead of an external transfer.
If that's not clever then please define the meaning of clever because that's pretty smooth in my books.
I had to laugh about the suggestion to call the FBI.
The FBI has a special internet crimes divisions, used it many times when I used to run a hosting company and the illegal activity crossed state lines.
The analogy about fingerprints and cars is idiotic because you don't need to canvas the neighborhood because in this case there will be 2 distinct IP addresses or fingerprints used at the registrar, the real account holders and the person that stole the accounts, and possibly email account elsewhere and a few subpoenas later you'll know exactly who did what assuming "Alice" didn't use stolen credit cards and anonymous proxies to do the dirty deed.
The real problem IMO in that an actual hacking crime has occurred so mixing police and lawyers can be a bit dicey because if you threaten to turn someone over to the cops if they don't comply and return your domains means you've just committed blackmail.
My advice is RUN, do not walk, to your nearest lawyer and ask him how to proceed to make sure you cover your butt 100% and nuke "Alice" in the process with as much collateral damage as possible for stealing your stuff.
[edited by: incrediBILL at 6:05 pm (utc) on Oct. 19, 2007]
Don't you think it would be a polite thing to do is ask Bob if he wants to keep his one and only domain.
Kinda kicking the dog while he is tied up don't ya think....
OTOH, we can usually get some level of cooperation from the local police (local to the criminal, not us). So you can try the FBI, but I doubt if they'll be helpful. My advice is to also contact the local police where "Alice" has "his" business established.
Can you prove your sales went down, document traffic on the domain before they were stolen, have info related to conversions per visitor?
... a domain bob has allowed to drop to the domains Alice has taken w/o consent?
I see I wasn't clear. Bob did not allow the domain to drop--it was cancelled in the same fell swoop during which the other domains were stolen.
it would be a polite thing to do is ask Bob if he wants to keep his one and only domain.
I don't know what you mean by this... I'm not Bob's registrar and had nothing to do with the domain being cancelled?
Anyway, I'd like to thank y'all for chiming in. I've forwarded Bob both this thread and a few domain name lawyers I've seen mentioned around here, and we'll see where things go. Thanks, all!
I recently noticed the whois information for one of my clients'
Pinterface my apologies but I assumed from the above post you were his webmaster...
Transferring a domain involves a few stages, unlocking, email request confirmation sent to the email on the present account.. etc
Someone would need to have access to Bobs registrar account and their personal email account over a few days.. unless money has changed hands between Alice and Bobs registrar then it musy surely be an inside job..
it's virtually impossible to get the FBI interested in a case that's below a certain dollar amount. ... it's far more than the value of a domain.
