Domain crime : Sometimes, the owner does not want to be found

Fifteen years ago, a Network Solutions flaw cost me a domain, albeit temporarily. That domain theft incident led me to research the proliferation of domain crime, and its processes.

For the past dozen years I’ve been following, reporting, exposing and assisting with the return of domains that have been stolen. Many cases involved corporate domain assets, and many domains were recovered. While I don’t seek any financial compensation for my assistance, I’ve been thanked repeatedly for my services; my goal is the undoing of wrong.

Domain crime can involve large corporate assets, or personal investments. Stolen domains can most definitely be resold and “laundered,” and each subsequent sale of the stolen domain asset brings it one step closer to legitimacy.

In my book, even if a series of legitimate sales has occurred, the domain that was stolen never gains full status as a “clean domain.” There is an ethical factor along with the obvious financial loss.

Eventually, someone might buy that stolen asset completely unaware of its past, particularly when the original party that lost the domain never did anything about it.

A recent case I followed closely last year, is one such example, and the owner did their best not to be found.

The domain was stolen using a very common technique of domain hijacking, using the email address of a controlling domain that itself had dropped. The “orphaned” domain became vulnerable the moment it wasn’t disassociated with the controlling domain.

A Russian criminal with activity on several domain forums and venues, turned this approach into a nice little money-maker. He crunched a lot of data, seeking domains that were waiting to be picked up, simply due to this vulnerability. He then hijacked those domains; many were aged from the early 90’s. He even posted publicly on forums, seeking assistance in obtaining access to a tool allowing him to query “millions of domains” per day.

In this particular case, the domain belonged to a California businessman whose name is rare and thus easy to find. The phone number and email were disconnected and their business was shut down. And yet, he had a Facebook profile, a LinkedIn profile, and no indication of having passed. I attempted to establish contact through these media accounts, and got nowhere with it.

Meanwhile, the stolen domain had already been resold, to someone in Asia. That person promptly listed it for sale, and upon my inquiry he claimed that the domain had been financed over the course of several months, and was finally in his possession. That lie, indicated that he was either in cahoots with the Russian domain thief, or well-aware of the domain’s status.

The domain was listed on Flippa, and it was removed, prompting the new owner, who claimed to have spent four figures USD on it, to pitch it at NamePros. Naturally, the good folks at NamePros examined the information and closed down the sale, but not the account of the peddler.

Things got nowhere with the previous, legitimate owner. His Facebook was last updated in early 2015, and a YouTube video of his business presentation was from 2012. I even contacted his daughter via LinkedIn, feeling more like a stalker than a person attempting to assist. No response ever came from there either.

As investigation over the Russian’s account on selling venues continued, his claims that he had bought the domain on NameJet were quickly refuted. NameJet stated that the domain had never been auctioned off, and that was true per my research. That led to the cancellation of the Russian’s account, and the discovery of several other stolen domains that he had managed to sell. All of them are now in the hands of second or third round buyers.

Several months later, the domain was listed as successfully sold on NameJet. The price, after commission, barely exceeded its acquisition cost from the Russian domain thief. For an aged, generic domain, the seller had listed it without a reserve, clearly seeking to maximize the chances of quick disposal of the stolen asset.

I sent a courtesy email to NameJet, to update them on the incident. I don’t feel that it’s their fault, and how would they know that a domain had been stolen if its legitimate owner never claimed it or filed a report on it? My documentation of its fate alone was not enough.

Eventually, it all comes down to wanting to be found, and wanting to protect and reclaim your stolen domain assets. As much effort and time I put into assisting victims of domain theft, there is only so much I can do without their owner’s participation.

If your domain has been stolen, I will research its status and attempt to assist with its return through a series of actions. I cover such incidents of domain theft, via a dedicated section for domain crime, on


  1. Wow!

    This industry needs more advocates like you.

    Thank you, Theo!

  2. I all too often see many people complaining about others stealing their domains and these individuals usually have little to no advice on how to get their property back. I enjoyed learning that not only are you helping others but doing so in your own time. Thank you for your generosity in the domaining industry!

  3. So many people fail to understand the value of domains and the processes associated with them (expiry, transfer, etc.), that they often let their property be stolen without a fight, without a raised eyebrow, without even any awareness that theft has occurred.

    They’re victims nevertheless. And any efforts made to uncover thefts and restore ownership help to legitimize the domain industry and spread the word – that Domains are valuable assets to be prized by their owners.

    Such efforts also make the system safer for those of us who already know that domains matter.

    Good job, Theo!

  4. Wonderful Theo. Too much praise is not good for any person but you deserve it.

    Domain industry is lucky to have generous and honest people like you.

    Only suggestion: Is it necessary to use such a complicated procedure

  5. Only suggestion: Is it necessary to use such a complicated procedure to prove I am a human to comment.

Speak Your Mind