The incidents are too many to list; I experienced and often pointed out – in my blog and on forums – several circumstances of stolen domains throughout the years. Some of them were reclaimed by their legitimate owners.
Others, well – they are still being offered for sale on auction sites or lists, having been sold many times over with their WHOIS info falsified or changed.
There have been times when the dubious status of those domains was pointed out and yet there were buyers who discounted the red lights and bought – at a huge discount – those stolen domains.
I hate to say it but between 2005 and 2008 more stolen domains were traded on the forums than what you can count on the fingers of your hands. And that includes people with 6 fingers in each hand!
So can you trust your own shadow – what is the process in order to avoid buying or brokering stolen domain names?
First of all, you can’t replace DomainTools.com – its silver membership offers WHOIS history that goes back to 2000. For most domains, it captures any WHOIS change, including DNS, contact names, emails etc. With careful studying of such ownership records at DomainTools, one can find previous owners and if necessary, contact them to ensure a domain left their possession in a legitimate manner.
Second, there are areas that are notorious for stealing and laundering stolen domains. Such countries include Iran, Turkey, Ukraine and certain Emirates in the Middle East. Now, this does not mean that every domain owned by people in these countries is stolen; it simply means that statistically speaking, when a domain is offered from people in these countries then it’s time to perform extensive research on its history of ownership.
By perusing the DomainTools history, one can then Google the email addresses and names of the owners under suspicion, find relationships between phone numbers and DNS IPs. A common trickery involves making the WHOIS record of a domain look like it’s protected by “WHOIS Shield” – all while the email is a free Gmail or Hotmail account!
There is no simple or single method to avoid running into stolen domains but if the deal is too good to be true, it’s probably because the domain is “hot red” from being stolen or recycled through several sales and exchanges.
Hi Acro,
Could you please explain, what’s the sense in this trickery from the point of a thief:
“A common trickery involves making the WHOIS record of a domain look like it’s protected by “WHOIS Shield” – all while the email is a free Gmail or Hotmail account!”
I’m asking this, as I usually turn whois privacy ON just to hide my home address, but leave my direct email (not free though) instead of the registrar’s forwarding one – to be able easily receive offers if any. It turns out I look suspicious then? 🙂
Al – as far as I know by turning WHOIS privacy on everything gets masked – even if you’re left with AlLastname@maskedwhoisregistrar.com
Thieves do their best to pull a blinder over the fact that the WHOIS info is artificial. When the contact info is made to look like e.g. Moniker privacy and the email is e.g. bob@gmail.com then it’s obvious the WHOIS is faked.
Acro,
I don’t think it’s obvious, in Moniker you may easily turn WHOIS privacy off partially, e.g. leave mainly their default WHOIS info but type in your direct email. To do that just choose to switch the privacy off, then edit any field you wish. This looks like customization of the default privacy info. There’s no evil intent in this case as you see, just a balance between full privacy and easy enough accessibility (you won’t need relying on your registrar that they will forward you email).
BTW, is the common full WHOIS privacy also an additional alert signal for you? If to compare to the open WHOIS data?
But anyway, thanks for your post – now I know that many may buyers feel suspicious about this, so I’m better to fix that.