web analytics

Domain theft saga the result of lack of two-factor authentication at Dotster

A couple of days ago, we received the following message from a distraught professional, who is not a domain investor:

“I wish I didn’t have to contact you but my domain has been stolen. Details per your reporting page:

Granting the right to use: Yes you are granted the right to use.
Theft timeline: It was stolen today. I visited my site (****.com) this afternoon and a new page was up offering the domain for sale. I’ve had it since 1997. I immediately contacted the registrar (Dotster), and discovered that someone had hacked my Dotster account and transferred the domain. I am still waiting for a reply from a “domain specialist” at Dotster.
Monetary loss: Hard to say just a few hours into the ordeal. It is my consulting company (****, LLC). People have offered to buy it for years and I never even consider it because it would take a substantial payment to legitimately part with it. I do have the registered trademark (****) so I am hopeful this is resolved quickly.”

Restoring access to one’s domain after it’s stolen, could be a lengthy, complicated process that involves a lot of back and forth with the Registrars involved. Sometimes, attorneys need to be involved as well.

In many cases, domains are stolen and transferred to faraway registrars that show little enthusiasm in resolving such issues.

In this case, the domain had been transferred to Uniregistry and parked with a “For sale” notice at a domain aftermarket venue.


After perusing the data and circumstances of this brazen domain theft, it became obvious that a popular domain investor had assumed ownership of the domain.

We contacted them, seeking their feedback and assistance in returning the domain to its legitimate owner.

Apparently, the stolen domain – a four letter first name – was stolen by an individual in Europe, then was offered for sale.

The requirement by the buyer was to get hold of the domain first. As the thief sought payment via bank wire, the domain was in the new owner’s hands while he prepared to pay for it.

The stolen domain owner’s swift action most likely saved it, along with the willingness of the buyer to return it.

They most likely failed to perform a thorough due diligence of the domain’s records, but once the theft was disclosed to us, their actions in response to our intervention helped resolve this case very quickly.

Dotster does not offer two-factor authentication, unlike many ICANN-accredited domain Registrars. This is a must these days, to prevent any activity transferring the domains in one’s account, without the owner’s interaction via an authentication scheme.

The latter can be a Google authentication app (Uniregistry, Fabulous, Name.com, eNom, others,) or via SMS (GoDaddy.)

If you are using a domain Registrar that does not offer two-factor authentication, consider moving your domains elsewhere. Your domain property, whether more valuable or less valuable, should not be exposed to a lesser level of security.

We’re glad that we could be of assistance, and many thanks go out to the domain investor who reacted positively in this case, returning the domain to its legitimate owner.

Copyright © 2020 DomainGang.com · All Rights Reserved.


2 Responses to “Domain theft saga the result of lack of two-factor authentication at Dotster”
  1. Robert says:


  2. scott says:

    As the owner of the stolen domain, I can’t thank DomainGang enough. The stolen domain was retrieved within 24 hours. Without their help I would still be dealing with this nightmare as Dotster has been completely unresponsive to the opened ticket. I am in the process of transferring all my domains from Dotster. Dotster sucks.

    As for the theft, one part of the story that does not make sense is that the “popular domain investor” gained control of the domain without first paying the thief for it. From where I sit, it looks like the popular domain investor and the domain thief are the same person.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available