Security

Another Appraisal Scam

Posted in Scams, Security, Spam on March 17th, 2009 by Michael – 3 Comments

Got another one of those appraisal scam emails today. Luckily they land in spam folder now:

Peter Miller Tue, Mar 17, 2009 at 6:31 AM
To: domainadmin
Dear sir,

we are interested to buy your domain name AARR.COM and offer to buy it from you for 65% of the appraised market value.

As of now we accept appraisals from either one of the following leading appraisal companies:

sedo.com
pedma.com
accuratedomains.com

If you already have an appraisal please forward it to us.

As soon as we have received your appraisal we will send you our payment (we use Paypal for amounts less than $2,000 and escrow.com for amounts above $2,000) as well as further instructions on how to complete the transfer of the domain name.

We appreciate your business,

Thanks,
P. Miller

New Phishing Spam- Inaccurate whois information. [IncidentID:95685]

Posted in Scams, Security, Tips on November 1st, 2008 by Michael – 2 Comments

Another new phishing scheme is unveiling, you get the scope here!

I recently received this email: read more »

Gmail Down - Temporary Error (502)

Posted in Security, Uncategorized on August 11th, 2008 by Michael – 3 Comments

update: works fine now

After logging to my gmail account where I keep most of my emails I just got this message:

Temporary Error (502)

We’re sorry, but your Gmail account is currently experiencing errors. You won’t be able to use your account while these errors last, but don’t worry, your account data and messages are safe. Our engineers are working to resolve this issue.

Please try accessing your account again in a few minutes.

That looks quite scary.. restarting my firefox and logging out/logging in didn’t help. Hope I’m not the only one.. anyone else having this problem?

788 Domains Stolen, Including yxl.com

Posted in Scams, Security, namepros on August 11th, 2008 by Michael – 6 Comments

Update: yxl.com was recovered with the help of godaddy

More stolen names might soon pop up for sale, so be warned!

Also a quick reminder: don’t use gmail, or other free email addresses as whois addresses for your domains. They can be hacked!

More details are from a namepros thread:

Some of them are:

yxl.com
zutan.com
filelime.com
relian.com
visitchina.net
visitjapan.net
youlun.com
studentflats.com
studentapartment.com
jiemeng.com
langzi.com
….. read more »

New Vawe of Fake ICANN Emails

Posted in ICANN, Scams, Security on June 24th, 2008 by Michael – 1 Comment

New Vawe of Fake ICANN Emails is out trying to get your logins and password to steal domains, so be warned. A few reports were posted on DNF.

Update: ICANNResolve.com site is down now.

To:    [email]xxxx@xxxxx.com[/email]
Subject:    ICANN - Domain Upgrade Notice
Date:    Tue, 24 Jun 2008 06:22:08 +0200
From:    “ICANN” <icann@icannresolve.com>

Dear Domain Account Holder,

You are being sent this notice from ICANN due to the fact that you
currently own an active domain name. ICANN is currently upgrading all
domains from their registry database.

The upgrade will introduce new control options for your domain and
easier
access. The new upgrade is required by the registry. All domain users
are
expected to submit their domain information manually at
[url]http://www.icannresolve.com/email/link.php?M=821&N=5&L=1&F=T[/url] with the
required information for ICANN to apply the required updates. read more »

Huge Bug Found in Godaddy - Lots of Options for Fraud

Posted in GoDaddy, Scams, Security on March 23rd, 2008 by Michael – 3 Comments

Rick reported this recently on his blog:

It appears GoDaddy.com gives you the option to cancel a transfer, after you have done an account change and the new owner has accepted the domain. How ludicrous is this? I’ve just had it happen a second time. Someone sends you a name, so you send them the money. The next thing they know, they pull it back! All they have to do is go to their account, go to pending account changes, check the box and click cancel. They can do this after it is finished!

Now in both cases it worked out fine because they had pulled it back because of a misunderstanding and quickly did another account change. It still leaves a huge door open for fraud.

I’m sure other registrars would let you pull back a domain as well, after you’ve pushed it.

I suppose it’s been around for a while, but this is the first time I hear about that and this could be a serious problem. Another reason to avoid godaddy and to be extra cautious, especially when dealing with new people.

How to Avoid Getting Scammed in Domaining

Posted in Google, Scams, Security, Tips on February 16th, 2008 by Michael – 4 Comments

scammerThis is a complete guide on domain scammers that shows how to recognize and avoid scammers while trading domains.

There are several popular scamming schemes:

1. Scammer sells stolen domains

How it works:

Scammer trying to sell quickly a stolen domain for a bargain price.

A domain can be stolen by hacking into the a email address associated with it - like yahoo, or hotmail; or by means of social engineering, e.g. if a scammer contacts the registrar support and pretends to be the owner of the domain who forgot the password. Stealing passwords is also possible through keyloggers and trojans installed on the domain owner’s computer.

How to avoid having a domain stolen?

- don’t use free email addresses in your domain contact details. Most people still do this and it puts their valuable domain assets as higher risk. Instead use an email address from your own domain.
- install and run an antivirus and antispyware software, update it frequently and run scans. Here is a good guide on cleaning your computer from spyware and viruses.
- always use strong passwords, random letters and numbers that are near each other on the keyboard. Use different passwords for everything and a password manager to keep track of them. Roboform is recommended. Change the passwords once in a while.
- keep your whois contacts and registrar information up to date read more »

Change Your Domain Details Right After Buying

Posted in How to Sell, Security, Tips on February 15th, 2008 by Michael – 1 Comment

Change Your Domain Details Right After Buying

We all buy and sell domains on a daily basis and frequently the domains are not updated after the purchase. Buyer forgets or puts off changing the new owner information, or dns, thus still allowing the previous owner to earn the parking revenue. As strange as it may sound, but this situation is very common and frequently even leads to conflicts and losses, for example then a domainer realizes he doesn’t control the domain he purchased because he didn’t change the whois and the domain expired.

Always take this as a rule: right after you buy a domain first thing you do is change contact details (some registrars don’t do that for you automatically after the push, like Dotster, for example), change dns and add the domain to your parking accounts and to your domains list. Keep tracks of all your purchases and sales.

Do it now, thank me later ;)