For a long time I was tempted to share this story but I was reluctant to do so because of potential legal investigation and because the person of my story is probably a member of this community.


It happened a few years ago.
I receive an anonymous e-mail saying that I no longer own a number of my domains. I'm asked for money to get them back. I rush to see WHOIS record and my fears are confirmed: my domains are now registered somewhere overseas but they still resolve at my hosting account.

I decide not to succumb to the blackmail but to try legitimate ways to recover my domains. Police refers me to ic3.gov, Internet Crime Complaint Center.
I fill out a long form, attach evidence, etc. and wait for reply.

Meanwhile, I do my own research and I find out what happened. I find who and how got access to my email and password to login into my domain register and initiate a transfer (while confirming and deleting email correspondence related to the transfer). This is my first painful lesson not to use the same password for email and for registering with different sites.

At this point, my domains point to parked pages.

Knowing the name and the U.S. home and business address of the perpetrator, I contact this person and receive a vague reply that neither denies nor confirms the crime. Then, the person stops replying to me.

I update my complain with ic3.gov and provide all the information I found.
I only receive a standard reply confirming the update, and that I'll be contacted by the investigator assigned to my case. Months and years pass by, but no one has contacted me. No human has ever replied to my emails and no phones are available (except 911).

I've recovered from the loss of domains but I feel insecure since. Luckily, websites are only a hobby of mine.

I wonder: If you get robbed in a more traditional way (e.g., mugged), the police will help you, especially, if the robber is identified. Is the internet business serious enough to deserve at least some protection?