{"id":61,"date":"2008-09-07T19:33:54","date_gmt":"2008-09-08T00:33:54","guid":{"rendered":"http:\/\/acro.net\/blog\/2008\/09\/07\/sedo-scammers-take-advantage-of-email-predictability\/"},"modified":"2008-09-07T20:23:49","modified_gmt":"2008-09-08T01:23:49","slug":"sedo-scammers-take-advantage-of-email-predictability","status":"publish","type":"post","link":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/","title":{"rendered":"Sedo scammers take advantage of email predictability"},"content":{"rendered":"<p>It was in early 2000 when one of my few &#8211; back then &#8211; domains got hijacked by a Turkish hacker. He picked that particular domain because it&#8217;s a very common Greek cussword, shared equally among our eastern neighbors. The domain was registered with Network Solutions, which offered back then an update process via email. With each WHOIS info change, an email was sent out to be acknowledged or denied by the administrative contact.<\/p>\n<p><strong>The problem was its predictability:<\/strong> its format was identical each time, the changes to be made were obvious and the information conveyed was unencrypted. All a hacker had to do &#8211; and many did &#8211; was to initiate an update via the NetSol web site and then send out a fake email that appeared to come from the administrative contact, authorizing the changes!<\/p>\n<p><strong>Simple and brilliant.<\/strong><\/p>\n<p>What&#8217;s not simple and brilliant is that <strong>eight years later other companies continue to make the same mistakes in the way they program authorization of updates in transactions. <\/strong>In a recent scheme, a Sedo seller received an offer for a 3-letter .com domain; the price was agreed upon and consequently he was emailed, being told that the payment had been received and that the domain should be pushed to the buyer&#8217;s account.<\/p>\n<p>The email ended up being fake, the perpetrator once again originating from Iran (oh, the surprise!). The scammer simply replicated a response email, sent often by Sedo to the participants of a transaction and spoofed the originating address, thus making the seller believe that the payment had been made. The seller pushed the domain to the scammer&#8217;s acount with <a href=\"http:\/\/Moniker.com\" target=\"_blank\"><strong>Moniker<\/strong><\/a>. Later on, Sedo notified the seller that no such email had been sent, that the payment was still pending and that the buyer was apparently trying to defraud the seller.<\/p>\n<p>Luckily, the domain was returned due to the strict safety policies of Moniker. It was proved stolen and it was returned to the owner. <strong>Sedo must stop sending out these full communication emails; they must simply prompt the parties involved in a transaction to log into their Sedo accounts to perform whatever step is needed. <\/strong>This way, no personal data is disclosed and no spoofing is possible. Sedo must take example from Escrow.com that has streamlined the domain transfer process to the highest degree; if they were also a registrar it&#8217;d be the ultimate in domain reselling security. Other options exist, such as Moniker&#8217;s escrow (requires the domains to be transferred to Moniker first), <a href=\"http:\/\/Afternic.com\" target=\"_blank\"><strong>Afternic<\/strong><\/a> and the newly founded venture <a href=\"http:\/\/EscrowDNS.com\" target=\"_blank\"><strong>EscrowDNS<\/strong><\/a>.<\/p>\n<p><strong>It&#8217;s important to learn from the lessons of the past, to avoid the anguish in the future.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>It was in early 2000 when one of my few &#8211; back then &#8211; domains got hijacked by a Turkish hacker. He picked that particular domain because it&#8217;s a very common Greek cussword, shared equally among our eastern neighbors. The domain was registered with Network Solutions, which offered back then an update process via email. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26,3,25],"tags":[132,133,131,100,27],"class_list":["post-61","post","type-post","status-publish","format-standard","hentry","category-business","category-domains","category-social-issues","tag-email-predictability","tag-escrow","tag-iranian-hacker","tag-scammers","tag-sedo","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas\" \/>\n<meta property=\"og:description\" content=\"It was in early 2000 when one of my few &#8211; back then &#8211; domains got hijacked by a Turkish hacker. He picked that particular domain because it&#8217;s a very common Greek cussword, shared equally among our eastern neighbors. The domain was registered with Network Solutions, which offered back then an update process via email. [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/\" \/>\n<meta property=\"og:site_name\" content=\"Acro.net - A Domain Investing Blog by Theo Develegas\" \/>\n<meta property=\"article:published_time\" content=\"2008-09-08T00:33:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2008-09-08T01:23:49+00:00\" \/>\n<meta name=\"author\" content=\"Theo Develegas\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Theo Develegas\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/\"},\"author\":{\"name\":\"Theo Develegas\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/#\\\/schema\\\/person\\\/9c9625f061a0e603a87f5bf0f6f781fe\"},\"headline\":\"Sedo scammers take advantage of email predictability\",\"datePublished\":\"2008-09-08T00:33:54+00:00\",\"dateModified\":\"2008-09-08T01:23:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/\"},\"wordCount\":454,\"commentCount\":9,\"keywords\":[\"email predictability\",\"Escrow\",\"Iranian hacker\",\"Scammers\",\"Sedo\"],\"articleSection\":[\"Business\",\"Domains\",\"Social issues\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/\",\"url\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/\",\"name\":\"Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/#website\"},\"datePublished\":\"2008-09-08T00:33:54+00:00\",\"dateModified\":\"2008-09-08T01:23:49+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/#\\\/schema\\\/person\\\/9c9625f061a0e603a87f5bf0f6f781fe\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/sedo-scammers-take-advantage-of-email-predictability\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/acro.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sedo scammers take advantage of email predictability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/acro.net\\\/blog\\\/\",\"name\":\"Acro.net - A Domain Investing Blog by Theo Develegas\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/acro.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/acro.net\\\/blog\\\/#\\\/schema\\\/person\\\/9c9625f061a0e603a87f5bf0f6f781fe\",\"name\":\"Theo Develegas\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g\",\"caption\":\"Theo Develegas\"},\"description\":\"Theo Develegas - News and opinions on domain name investing, brand development, design, and the occasional rant or two about life's challenges. Founder of Acroplex LLC.\",\"sameAs\":[\"https:\\\/\\\/acro.net\",\"https:\\\/\\\/x.com\\\/acroplex\"],\"url\":\"https:\\\/\\\/acro.net\\\/blog\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/","og_locale":"en_US","og_type":"article","og_title":"Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas","og_description":"It was in early 2000 when one of my few &#8211; back then &#8211; domains got hijacked by a Turkish hacker. He picked that particular domain because it&#8217;s a very common Greek cussword, shared equally among our eastern neighbors. The domain was registered with Network Solutions, which offered back then an update process via email. [&hellip;]","og_url":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/","og_site_name":"Acro.net - A Domain Investing Blog by Theo Develegas","article_published_time":"2008-09-08T00:33:54+00:00","article_modified_time":"2008-09-08T01:23:49+00:00","author":"Theo Develegas","twitter_misc":{"Written by":"Theo Develegas","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/#article","isPartOf":{"@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/"},"author":{"name":"Theo Develegas","@id":"https:\/\/acro.net\/blog\/#\/schema\/person\/9c9625f061a0e603a87f5bf0f6f781fe"},"headline":"Sedo scammers take advantage of email predictability","datePublished":"2008-09-08T00:33:54+00:00","dateModified":"2008-09-08T01:23:49+00:00","mainEntityOfPage":{"@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/"},"wordCount":454,"commentCount":9,"keywords":["email predictability","Escrow","Iranian hacker","Scammers","Sedo"],"articleSection":["Business","Domains","Social issues"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/","url":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/","name":"Sedo scammers take advantage of email predictability - Acro.net - A Domain Investing Blog by Theo Develegas","isPartOf":{"@id":"https:\/\/acro.net\/blog\/#website"},"datePublished":"2008-09-08T00:33:54+00:00","dateModified":"2008-09-08T01:23:49+00:00","author":{"@id":"https:\/\/acro.net\/blog\/#\/schema\/person\/9c9625f061a0e603a87f5bf0f6f781fe"},"breadcrumb":{"@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/acro.net\/blog\/sedo-scammers-take-advantage-of-email-predictability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/acro.net\/blog\/"},{"@type":"ListItem","position":2,"name":"Sedo scammers take advantage of email predictability"}]},{"@type":"WebSite","@id":"https:\/\/acro.net\/blog\/#website","url":"https:\/\/acro.net\/blog\/","name":"Acro.net - A Domain Investing Blog by Theo Develegas","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/acro.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/acro.net\/blog\/#\/schema\/person\/9c9625f061a0e603a87f5bf0f6f781fe","name":"Theo Develegas","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6794630c371bee89f2b833c1f4b777d9ba75767b217c8fce2cfd6e6d7d90960d?s=96&d=mm&r=g","caption":"Theo Develegas"},"description":"Theo Develegas - News and opinions on domain name investing, brand development, design, and the occasional rant or two about life's challenges. Founder of Acroplex LLC.","sameAs":["https:\/\/acro.net","https:\/\/x.com\/acroplex"],"url":"https:\/\/acro.net\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/posts\/61","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/comments?post=61"}],"version-history":[{"count":0,"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/posts\/61\/revisions"}],"wp:attachment":[{"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/media?parent=61"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/categories?post=61"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/acro.net\/blog\/wp-json\/wp\/v2\/tags?post=61"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}