Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Someone is stealing my domain - need realtime help

daboulet (530485) writes | more than 6 years ago

Privacy 0

Daniel Boulet writes "Executive summary: I am looking for someone associated with the domain registrar who can suspend my account until they open for business tomorrow morning.

The details: Someone has managed to (mostly) steal one of my domains — They appear to have done this by:

  • changing the contact address for my account at my domain registrar (
  • using the lost password mechanism to request a new password for my account
  • logging into my account and initiating a domain ownership transfer
I received the notification of the contact address change and immediately logged into my account before they changed the password. I changed the contact address back to the correct address. Shortly afterwards, I received the 'standard' e-mail asking me to approve the transfer. When I tried to reject the transfer, I discovered that the thieves had also managed to change the password to my account (I suspect that they did this using's lost password mechanism after they changed the contact address). The thieves seem to somehow managed to complete the transfer of my domain since whois now says that it is owned by a Copenhagen entity (it also says that it is owned by Boulet Fermat Associates which is me but I'm based in Canada). I spent the first few hours after this happened changing the contact address back and changing the DNS server configs for my domains back to what they were supposed to be — this was a cat and mouse game of sorts since the thieves were working to change them to their values and I was busy changing them back. At the present time it appears that the thieves have stopped trying to change my contact address or my DNS configurations but they could restart at any time.

The only reason that I am able to defend my other domains from being stolen is that I'm still logged into's website. I am making sure that I do something at least every few minutes so that the session does not timeout. If I loose the session then I can't log back in again since they changed the password after I logged in. I am not able to use the lost password mechanism to get the password back again since the site only allows the mechanism to be used once per day.

My plan is to keep monitoring the account until — located in France — opens for business tomorrow (around midnight MST tonight in the US/Canada). This should work as long as my session to the site does not timeout although life would be simpler if someone could put me in touch with someone at who could simply turn off my accounts until the dust settles (there are two of my accounts involved as near as I can tell).

One interesting bit is that they changed the contact address on my account to There's a blog article here describing a different domain theft that happened a few days ago and which used the same e-mail address."

cancel ×


Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>