Domain names are getting stolen more often than what you think.
It has been reported that the following domain names are stolen:
- 8t.com
- jtm.com
- wjm.net
According to a reported sales thread on DNForum, the seller attempted to offer the same domains on Flippa.com by gaining access to a compromised Flippa account.
The same method seems to have been used on DNForum.com, where an account unused since 2007 suddenly became active.
Buyers should always do due diligence regarding domain ownership. A good method is to always establish phone contact with the seller prior to sending any funds.
Hey Lucius – just to clarify, none of the domains here were ever listed for sale on Flippa.com. The one exception is jtm.com which the scammer offered as a bonus in the description for another listing.
Flippa does ownership verification on every listing that goes live on our marketplace. For domains, this is done via the whois record or a DNS TXT record change.
What’s happening here is that the scammer begins the process via phishing attacks targetting godaddy accounts. The legitimate owner falls foul of the scam and provides their domain account details. The scammer then uses this information to verify their “ownership” of the domain on forums, marketplaces and directly with sellers…
Not an easy scam to beat but Flippa is taking two primary approaches to address this.
The first is increasing our ability to identify and block these sorts of listings sooner. I’m not going to go into the specific details of this here but be assured most of the things you might think of we’re already doing … and more are on the way.
The second thing we’re doing is ramping up the buyer education so that they don’t actually fall for these scams (regardless of which marketplace they are using). An example of this is our recent post on stolen domains (http://flippa.com/blog/watching-out-for-stolen-domain-scams/) as well as remembering the basics of security when running/owning a website put out today (http://flippa.com/blog/security-essentials-for-flippa-sellers/)
My own words of advice on this is to be suspicious if any of the following hold true:
– If someone is offering you a domain for sale but it contains a website
– Recent whois changes
– If the price looks too good to be true
– If the seller is looking for a quick sale
– The seller is not willing to use escrow
We only had one instance of a Flippa user’s account being compromised here and this was due to the scammer having control of the user’s email account. Expect they lost more than just their Flippa account …
Now, if only I could work out what level of membership I need to reply to this thread on DNForum.com …