Over the course of a decade, I have repeatedly assisted domain owners recover their stolen domains.
Some were domainers, others were simply owners who woke up one morning to find that their accounts were compromised and their “intangible property” was gone.
The first thing one needs to remember, is to not give in to any form of blackmail from a domain thief, if and when they are contacted by them. Such an extortion will most likely end up at losing both the domain and the funds of its ‘ransom’.
Instead, when you discover that your domains are stolen, you should remain calm and follow the “take no prisoners” approach: report the theft to the registrars, publicize the info you have at your possession and don’t be afraid to call the thieves by their name – “thieves”.
Why do I assist others recover their stolen domains?
In early 2000, while I was still wet behind the ears with domaining, and owning only a dozen domain names for personal use, I lost one of my domains to a hijacker.
These were the days of Network Solutions and their infamous contact forms that would be generated and emailed back to confirm changes. The security hole the hijackers exploited involved generating those oh-so-predictable forms, confirming changes such as a new email address or new nameservers. There were no authorization codes, no registry locks and the password protection was not the default choice with Netsol.
So I learned the hard way, with a Turkish hacker taking over my domain – because he could. I watched in panic, seeing those email notifications arrive at my mailbox, showing the DNS changes, then the ownership changes, then the contact email; until the domain itself was pointed to a page triumphant about their feat.
Over ICQ – those were the days – I pleaded with the hacker to return my domain. Fortunately, he was just a smart kid who wanted to toy with me; his knowledge of performing this feat gave him the advantage. He played with me for an hour, over a proxified IP that pointed to Russian servers, then he agreed to let his fish – me – go off the hook.
I learned a hard lesson and later on I moved the domains to GoDaddy, one by one. I was definitely shaken by the experience, it’s very unpleasant and humbling.
Over the course of the coming years, despite additions in domain security, domain thefts increased along with the inherent value of domains. I made it my mission to help out, if I could identify the circumstances of a domain theft, making the task of domain recovery by the owners easier.
It’s good karma, after all.