Quote:
|
Opti....just to make sure I understand, so long as your domains are locked, they can't be stolen, correct? The only time they can be stolen is if you unlock the domain to transfer it?
|
Well... as far as I know, registry-lock is fine.
I didn't really want to get into this as I already sound like half a panic merchant
But there is one other situation where you might want to take extra care.. it really isnt going to affect many people though.
Register-Lock can't be removed without your account password... If you own a .org, .info .biz domain at godaddy... if/when you do transfer it, you will be required to give the gaining register what is called an Auth-Code which you get from GoDaddy.... Most places use a made up code.. GoDaddy decided it would smart to use your actual account password as the Auth-Code (the one needed to remove register-lock)
So, if you ever do transfer one of these domains out of GoDaddy you would be best to change your acccount password there afterward.
Quote:
Originally posted by M.D
were there any cases that the attempt to hijack the domain happened using another method other than hacking a free Yahoo or other email account?
|
No. they scan for domain status changes. Then request a transfer and hope they can trick you into approving it... My experience with the GoDaddy system makes me believe they will be sucessful sometimes.
Right now, if 2 transfer requests have come in to GoDaddy for your domain. They wont tell you they have recieved either yours or the bogus one... and the transfer status menu does not identify the gaining register... so if the bogus request arrives at GoDaddy prior to yours... and you have no idea it has been sent... it will be pretty hard to know that you are being tricked into clicking that approve link, and giving your doamin away... until its way too late.
The scammer may also be hoping that you wont transfer or re-lock the domain fast enough and they will get it by default after 3-5 days... which is what GoDaddy support said is possible. Although I personally doubt that could be correct as lots of people should be screaming already if it was.
The new system, as most people seem to understand it, says they shouldnt be able to get away with any of this. But it looks to me like they can... and it's a fairly safe to say the scammer thinks they can too...
If you are alert and don't assume anything when doing transfers it can be done fairly safely... but its simply not 100% failsafe.. and definitely not as safe as before.
Watch your transfers closely whilst they are proceeding. I doubt the ICANN rules will provide much relief once a domain is gone this way... and you can bet your bottom dollar GoDaddy cant/wont help you...
Most of all, Dont assume it wont happen to you... from what I see.. if you have domains moving out of GoDaddy, particualrly any decent value ones, they are a good chance to be targetted.
