Chinese Papa John’s stole domain passwords!
Nick Ghuppo is a long-time fan of Papa John’s pizza.
The 320-lbs domainer from New Jersey loves the quality crust and the tasty ingredients of the Papa John’s pizza, and finds them better tasting than Domino’s and Little Caesar’s.
During the long hours of domaining, when he registers domains or peruses drop-catching services to further expand his portfolio, Nick chunks down several slices of pizza.
“You know, it’s like a brain food to me. I eat Papa John’s like others have cookies with their coffee. I dip my slice of Papa John’s into anything, coffee, tea, sauce, chocolate – you name it. I swear by the Papa John’s brand, man. It’s the best!”
It all changed when a few days ago, Nick received an email from what appeared to be Papa John’s account department asking for verification of his email “due to database changes”. The email looked just like a typical Papa John’s email: images of John Schnatter in his trademark apron, serving “better ingredients, better pizza”.
The email also asked for Nick’s account password. That’s when all the trouble started.
“I had no reason, you know, not to trust Papa John’s email as legit. So I entered my info, username, password, mother’s maiden name, bank account number, social security number, Moniker account and password, eNom account and password, Network Solutions account and password – anything they asked. I love John Schnatter for his pizza and I would trust him with my life”, adds Nick.
A few hours later it was evident that the email was spoofed, originating from China and mimicking the Papa John’s web site so accurately that even the prices were being pulled live from the actual server. Nick was unable to log into his accounts with the registrars and soon after, his best domains started disappearing.
“It was horrible man, how could I be so stupid and be fooled so easily. At first, I thought Papa John’s weren’t happy with the $1 tips I’d give to the delivery guy. I believe that pizza delivery personnel and strippers should earn their wages dollar by dollar. I guess I will now have to re-evaluate this”, says Nick, clearly upset, munching on a piece of Domino’s.
It took several angry phonecalls before his accounts were restored; some of Nick’s best domains are already in the hands of Chinese hackers that monetize his traffic to their own benefit.
“The irony is that there were a lot of Papa John’s pizza typo domains in these accounts and they didn’t steal those. They took my generics and my traffic domains. I am so pissed, it has ruined my attachment to Papa John’s pizza even though I know it’s not their fault.”
Both pizza enthusiasts and domainers in general are advised to be extra careful when asked to enter personal information – just don’t do it.