Domain Magnate

I started a thread yesterday on the DigitalPoint forums asking for 3 character domains to buy and 2 members already tried to scam me. Surprisingly the way they try to do it is extremely simple – they try to sell you a domain they don’t really own and accept payment through Western Union, Bank Wire, or MoneyBookers or even  paypal even though with paypal the transaction can be reversed. But I suppose they might be able to transfer the funds away before you do a chargeback in this case.

One of them is ShayGA. He pmed me offering to buy A66.com for $500. However a quick check reveals that it’s an active site and they are not likely to be interested in selling the domain. So I asked him to confirm that he owns the domain and he never replied. I dug a bit on him and found out that he only joined a couple days ago, but already had a lot of ‘sales’ going on. Most of these threads end with the members accusing the topic starter of being a scammer. I guess there are people who actually buy into this, otherwise he wouldn’t be doing it.

Update: I was told by another fellow domainer that this guy is also trying to “sell” that domain on NamePros. Luckily on NP and DNF the mods and members  are alert and swift in banning scammers.

Another one was Venliven – a recently joined member, I guess he joined when he saw my thread because that is where he made his first and second posts. It took me about 5 seconds to realize this might be a scammer by the strange question “What is your payment method?” – naturally it’s going to be paypal. I decided to play it out and see if I can get his details to post them here.

So I replied to his pm asking what were the domains – he answered with www.wut.com and www.juk.com.  To get the final confirmation that it was a scammer I decided to lowball and offered $2k for each (the actual market price for these would be at least $5k  each) and told him that if he accepts to pm me his bank and western union details, as well as moneybookers and I’ll see what’s easier for me to pay with. Scammers register new usernames daily, but in case someone asks you to send money to these addresses you’ll know who you are dealing with:

Western Union:
Zaid Lutfi , United arab emirates

Western Union:
Steven Burken
UpHill Sight 3/2

MoneyBookers:
w.a.t.e.r@hotmail.co.uk

Bank Account in UK:
39032157

Afterwards I asked him to confirm that he actually owns the domains by adding something in the whois contacts – he started sending weird messages with all kinds of lame excuses. Many of them didn’t even make much sense: “Without my hosting on I don’t have a server” – huh?

There are so many scammers on DP it’s ridiculous. And the mods don’t usually ban them since they don’t  break any petty rules, while DP mods don’t get involved in business between members. However those scammers are very easy to recognize. More sophisticated are the scammers that actually steal or sell stolen domains. Sometimes even experienced domainers fall victim to such crimes in this popular thread at dnf.

A new GoDaddy phishing scheme is spreading quickly now, I personally received 4 identical emails from them just an hour ago. Many other domainers reported receiving these, some 5-7 at a time. The email, which appears to come from support@godaddy.com but it points to: http://205.234.236.23/~ytrindic/ It’s a server in Pakistan mzwebhost.com

Domain Registration Confirmation

Dear Customer,

This notification is generated automatically as a service to you.

Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security.
Please click on sign in to domain servers to continue to the verification process and ensure your account security. It is all about your security. Thank you. and visit the customer service section.

please contact us within 1 days.

If you need to address this matter, or in any way need further assistance or technical support, call us any time at (480) 505-8877 or email us at support@godaddy.com. We appreciate your business!

Sincerely,
GoDaddy.com DomainAlert team

The emails also have the “regular” legal addition which makes them look rather authentic:

*Free hosting, photo album and blog services are ad-supported. Ad-supported Web sites contain
relevant online advertising on a small portion of the site, but DO NOT include obtrusive pop-up ads.
**Not applicable to premium domains, bulk domain purchases, discounted domain products, Sunrise/Landrush domain registrations, .ME domain registrations, discounted memberships or maintenance plans; additional disk space and bandwidth renewals, custom page layouts, custom headers, posters or gift cards. Discount reflected in your shopping cart – cannot be used in conjunction with any other offer or promotion.

Copyright © 2009 GoDaddy.com, Inc.. All rights reserved.

In general these emails look pretty good, much better than the regular scams, where after seeing the “dear sir/madam” you can figure it’s a scam right away. This email even had a smaller frame with a 10% off code and a few real links to GoDaddy.com

Take 10%** off your next order at GoDaddy.com.
Simply enter gdbb366 in your shopping cart or mention the offer code when you call (480) 505-8877.

The question remains however will these guys ever learn to spell and actually write in decent English? However many people don’t read email and just check the title, open it and click the link if it looks authentic.

Last, but not least – be sure to mouse over all links in email before clicking them!

Got another one of those appraisal scam emails today. Luckily they land in spam folder now:

Peter Miller Tue, Mar 17, 2009 at 6:31 AM
To: domainadmin
Dear sir,

we are interested to buy your domain name AARR.COM and offer to buy it from you for 65% of the appraised market value.

As of now we accept appraisals from either one of the following leading appraisal companies:

sedo.com
pedma.com
accuratedomains.com

If you already have an appraisal please forward it to us.

As soon as we have received your appraisal we will send you our payment (we use Paypal for amounts less than $2,000 and escrow.com for amounts above $2,000) as well as further instructions on how to complete the transfer of the domain name.

We appreciate your business,

Thanks,
P. Miller

This is a complete guide on domain scammers that shows how to recognize and avoid scammers while trading domains.

There are several popular scamming schemes:

1. Scammer sells stolen domains

How it works:

Scammer trying to sell quickly a stolen domain for a bargain price.

A domain can be stolen by hacking into the a email address associated with it – like yahoo, or hotmail; or by means of social engineering, e.g. if a scammer contacts the registrar support and pretends to be the owner of the domain who forgot the password. Stealing passwords is also possible through keyloggers and trojans installed on the domain owner’s computer.

How to avoid having a domain stolen?

- don’t use free email addresses in your domain contact details. Most people still do this and it puts their valuable domain assets as higher risk. Instead use an email address from your own domain.
- install and run an antivirus and antispyware software, update it frequently and run scans. Here is a good guide on cleaning your computer from spyware and viruses.
- always use strong passwords, random letters and numbers that are near each other on the keyboard. Use different passwords for everything and a password manager to keep track of them. Roboform is recommended. Change the passwords once in a while.
- keep your whois contacts and registrar information up to date read more »