Re: [registrars] Grave Robbing and SEDO Fencing

[Sam BAVAFA <s.bavafa@xxxxxxxxxxxxxxxxxxx>]

Hi guys,

I am also interested by any solution that could avoid such ID usurpation.

For now, we are asking to the registrant to provide his ID copy. When the
owner change is requested, we are also asking for a copy again + physical
owner change form printed and signed by both parties and if both ID copies
are matching, and the signature is the same, we call the constumer on his
original phone number provided at the registration time and then authorise
the owner change.

Sometimes infos has been changed so we cannot verify all infos it means that
we somehow must get our own conviction that his is the real owner (askling
for details on many different infos on his account).

But when a domain belong to a company, and the responsible has changed to
another one!. The only fact that this new person has access to the company
account admin is not enought to my opinion. Is someone has a better process
?

Thank you.
Sam

www.Domaine.fr
www.Domaine.info




De : Bashar Al-Abdulhadi <bashar@xxxxxxxxxxxxx>
Date : Sat, 04 Aug 2007 01:27:22 +0300
À : Lau <richard@xxxxxxx>
Cc : 'Registrars Constituency' <registrars@xxxxxxxxxxxxxx>
Objet : Re: [registrars] Grave Robbing and SEDO Fencing

Thats what i thought too.



but seeing this happen twice in less than 3 years scares me off (although
the other domain was with different registrar)



what might be possible to secure the domains of dead people to their heirs
in future for other registrars?





Lau wrote, On 8/4/2007 12:12 AM:
>      
>  
> 
> Well, I¹m just sitting here hypothesising.
>  
>  
>  
> But really Domain Hijacking is usually a form of online identity theft, where
> the thief one way or another convinces the Registrar, (or the ISP hosting the
> Admin Email) that he is the owner.
>  
>  
>  
> I¹m not one to comment on NSI¹s security except to say that I highly respect
> their senior staff and have witnessed major efforts to stamp out fraud. If
> anything NSI could teach many other registrars how to protect domains. This is
> a far cry from the pre-Champ M. days.
>  
>  
>  
>  
>  
>  
>  
> Richard
>  
>  
>  
>  
>  
>  
>  
> 
> 
>  
> 
> From: Bashar Al-Abdulhadi [mailto:bashar@xxxxxxxxxxxxx]
>  Sent: 03 August, 2007 10:12 PM
>  To: Lau
>  Cc: john@xxxxxxxxxxxxxxxxx; 'Registrars Constituency'
>  Subject: Re: [registrars] Grave Robbing and SEDO Fencing
>  
>  
>  
>  
> Hello Richard,
>  
> Lau wrote, On 8/3/2007 7:42 PM:
>  
>>  
>> Hi John,
>>  
>>  
>>  
>> So, in summary.... an identity theft occurs at NSI (hijacker pretends to be
>>  
>> Don Teske likely by sending in a fax with faked ID) and the buyer at Sedo
>>  
>> claims he's an innocent purchaser....
>>  
>>   
>>  
>  
> 
> its that simple at NSI to change domain ownership with fake IDs?
>  
> it should be harder for american registrant to be faked at american registrars
> due the easier methods to identify ownership?
>  
>  
>