LLL .com domains are often the target of cybercriminals.
The domain name EXF.com has been stolen, following the usual route from GoDaddy to the Chinese domain registrar, Ename.
The presumably Chinese domain thief showed extreme interest in the domain, as it was first stolen three weeks ago and was pushed to another GoDaddy account.
At the time, its owner notified GoDaddy about the domain theft and GoDaddy reversed the push, however the persistent thief managed somehow to regain access to the account, transferring it away to Ename.
The number of domain thefts originating in China has reached great proportions this year, as these criminals spoof valid GoDaddy emails for account confirmations, per ICANN requirements.
GoDaddy customers are advised to turn on two way authentication for their account, that requires the use of a cellphone able to receive text messages with a confirmation number, prior to logging to a GoDaddy account.
As always, do not click on links in emails to access your registrar account; log in by typing in the full URL instead.
I think that the two way authentication system would be in better use when someone wanted to transfer a domain from his/her account. This way a thief could not just change the email and get the domain because for the transfer to be completed it would have to be verified with the sms code.
WV – Any activity that requires user interaction, has to be done after logging into an account. E.g. to unlock the domain and get the auth code, one has to log in. If you have two way authentication enabled at GoDaddy, you can’t log in without the number sent to your cellphone.
DG,
As far as I see, so far two way authentication is available only to GoDaddy US customers: https://support.godaddy.com/help/article/7502/enabling-two-step-authentication
Andrea – True, but you can get a Google Voice number that accepts SMS from anywhere in the world: https://support.google.com/voice/answer/115116?hl=en
DG,
Thank you, I appreciate it, but the less we depend from Google, especially for security features, the better is … a word to the wise 😉
This reminds me of my brokerage account, I have an access password, and then a trade password I need to punch in before confirming a trade.
Maybe something like this needs to be implemented, so even if they did get into the account, they can’t do anything.
Andrea – That’s getting harder to avoid. Also, the Google Authenticator is being used by Uniregistry, so I am not sure why GoDaddy has not implemented that one yet instead of the SMS option.
I’ve just noticed that Namesilo, one of the registrars we are using, is now offering AUTHY (https://www.authy.com/users) as two way authentication system, for free.
I’m checking to see if it can suit us.
There’s a problem with the SMS Authentication system if – like me – you travel a lot. It assumes you have one mobile number. Whenever I travel overseas, I get a new temporary mobile phone SIM card (and a new mobile number) local to the country I’m in. I don’t use my home mobile number overseas cos global roaming charges are cripplingly expensive. Being on a temporary, different, mobile number means any SMS doesn’t reach me. Then its Internat calls/verify/change number with GD etc etc…
DG,
All this talking about online authentication gave me an idea for a new purchase … I’ve got OnlineAuthentication.com 😉
Long live .com, still the king!
Good reg Andrea