Computer newbies: Domain hijacked - what options do I have?
Domain hijacked - what options do I have?
by GeekGirl - 8/2/05 3:15 AMI have been told by my domainhost that somebody has 'hijacked' my domainname and is sending out spam that appears to come from my address.
I am not sure I'm using the correct terms - here's an example.
Say my domain is www.hello.com . My website works fine. But the server at which my website is placed has reported that they get a ton of bounced emails that appear to have been sent from ...@hello.com , plus a load of complaints.
I've been told the domainhost has a filter up to stop the bounced spam from filling my mailbox, and they say the only remedy is to let hello.com die and move on to a new domain.
However, my business is called Hello, hence the domain hello.com , and my reluctance to change this.
I could in principle ignore the problem and go on using it. But I'm afraid newsletters from hello.com might bounce and since there is a filter, they may disappear and I'll never know. Plus any other problems I may not know about.
So my question is - what options do I have apart from ditching the old domain and moving everything to a new one, which will probably suffer the same fate after a while? Thanks very much!
What I would suggest
by TONI H - 8/2/05 3:33 AM In reply to: Domain hijacked - what options do I have? by GeekGirlis to let that domain name die as mentioned by your host; however, rename the new one real-hello.com and send a mass email to your clients/customers notifying them ahead of time of what occurred and explain the change. You should be able to just leave all your web pages alone without making any changes to them except for the email link.
Ask the domain host if you can have a redirect for the former hello.com to real-hello.com without complications due to the hijacking so anybody you haven't reached will automatically be sent to your new site. I did that with my old domain and it worked fine for an extra $2 per month.....but I didn't have my original site hijacked so I'm not sure if this would be a good idea since I also don't know if the hijacker would then get to your new site and it would start all over again.
Also, ask the domain host if there is any way to track who took over your current site to see if there is some way they can be prosecuted for this. My domain supplier (godaddy.com) has a free feature that let me make the site name 'private' and locked which prevents it from being taken over by somebody else behind my back. It stops everybody from getting private information about me, such as my name, home address, phone number, and email address also. Perhaps your domain host can give you information about what's available regarding those features through them or if you have to go to the site where you purchased the domain name if it's not them.
TONI
I have had the same problem
by rdbecker - 8/5/05 7:03 AM In reply to: What I would suggest by TONI HI don't think the website itself was hijacked, but the email domain extension. This happened to me, and my provider actually turned off email without any warning, and refused to turn it back on. It is easy for anybody to spoof anyone elses email address, the only way to tell for sure that it really came from your company is to look at the header information to confirm that it originated from your email server. I am willing to bet it did not. I imagine that many big companies deal with this problem every day - especially for phishing scams.
This should be equivalent to identity theft, and there should be laws in place to prosecute people for doing this. It ruins your good name, and people will start to filter out your email address, meaning that you will not be able to get your legitimate information to the people who originally subscribed to it.
I wound up having to move my provider (I was using Namesecure, which has in my opinion the WORST customer service out there). I since went to 1&1 internet - available at http://www.1and1.com/?k_id=6495032
I have had no problems since, they are cheaper than Namesecure without having to purchase long-term contracts (That are non-refundable), and when I had technical questions, they responded same-day with answers that were on-the-money! Even when Namesecure did respond it was with an automated answer that did not address my issue. They even made it very difficult for me to move my domains - it took me nearly two months, and they never restored my email accounts.
The gist is, be grateful that your provider is just filtering, and not shutting you down completely. Also, I wound up using a "Free" internet webmail (such as Yahoo mail or Gmail) to retrieve and send my email instead of directly emailing by SMTP - this way my customers, my provider and I all know that any email originating from my domain must be spoofed.
A suggestion may be to use PGP or something similar to "Sign" your emails and make sure your customers know that if it really comes from you that it will have a digital signature. Eventually, whoever is using your domain will quit when they realize that none of their mail is getting through - most of these campaigns are short lived, and are the results of spammers. When all email software has filters smart enough to filter out unsigned emails, then the spammers will have to work harder to defraud people.
I am interested to see what other ideas people have - this seems to be relatively ignored by legislators, and not really addressed by vendors in a timely manner. Definitely there is no good strategy from the hosting providers either. There should be some mechanism in place by hosting providers to trap email that does not have a legitimate header (ie. originating from their email servers) for bouncebacks. Should hosting providers have some signature for email that is truly originating from their infrastructure to ensure that the mail people receive is from who it says it is?
I think that spammers need to be more challenged. Right now, it is easy for them to outwit the anti-spam filters, there is even "Script kiddie" software out there to help them determine when their message is formatted well enough to bypass the filters and arrive in your mailbox looking like legitimate mail (Using YOUR established domain is one easy way, that is why the do it!). There has to be someone smart enough to outwit the spammers and come up with an effective way to combat this problem.
Bob
NameSecure, NameSecure, THE worst customer service on earth!
by mediaman75 - 12/29/05 2:25 PM In reply to: I have had the same problem by rdbeckerMy Dearest NameSecure,
I’m just a mess these days, thinking about our relationship and where we went wrong. Through all of the tough times – through the sporadic downtimes, the countless hours spent trying to make my scripts work with your overloaded servers, through the mounds of junk mail that slipped through your ever-vigilant spam filter, and yes, even through those restless days spent troubleshooting with your incompetent customer service representatives – I gave you my utmost…indeed, all my heart could give.
When you disappointed me, I turned the other cheek, reminiscing longingly about the early days of our blossoming relationship…the days when, lured by the promise of server robustness and reliability, competent and friendly customer service around the clock, and cross-platform and cross-language script compatibility, all for a modest monthly fee, I was enraptured by your commanding embrace. You promised the world to me, and I – naïve and in love – pledged my unwavering dedication to you. Through sickness and health, you would be the only hosting company for me.
It is with a heavy heart that I inform you that those days of bliss have come to an end, never to return again. My heart insists, “We can work it out!” but my brain knows that after three business days, multiple electronic service requests, and countless hours spent calling your help line, only to hear busy signals time and time again, our harmonious life together is nothing but a distant, painful memory. Empty promises do not a Web host make.
In retrospect, I suppose I should have seen the signs long ago. This was certainly not the first time you were unavailable when I needed you most. As far back as three years ago, I can remember the restless nights alone…your all-too-convenient excuses for being unreachable when I called your name…your half-hearted attempts to make me happy, except when a payment or renewal was due. Like so many others, I was blinded by a false hope…a treacherous hope that a Web host that appeared too good to be true was not.
Well you are too good to be true, NameSecure. I used to think you were different, but now I know you’re as fickle as all those other bargain hosts out there, promising anything to have your way with a kind and honest Web developer like myself. And I’ve had enough.
On behalf of Web developers everywhere, I’m taking my business elsewhere…to a host that will appreciate me for who I am, even when times are rough…to a host that will be there for me through thick and thin…to a host that truly is all of the things you claim to be, but are not.
I write this, our final communication, without even the slightest pang of regret, for I know that if this note reaches but one other developer who might otherwise have fallen victim to your treacherous ways, my heartache will not have been for naught.
So long, NameSecure. May your days be filled with cancellations and loneliness!
Your victim no longer,
Mr. Unhappy
You are not alone
by wpostm - 6/4/06 6:52 PM In reply to: NameSecure, NameSecure, THE worst customer service on earth! by mediaman75I too have fallen victim to the poor service and neverending trail of autoresponses to my daily requests to fix a simple problem I am having with their mailbox redirect.
I purchased a mailbox for my business to try and reduce the amount of spam I was getting but not only did this reduce the spam...it completely cut off all communication to that email box. My business dried up and I am now trying desperately to rebuild it.
No matter how many emails I sent to namesecure.com I just got autoresponders telling me " Thank you for contacting NameSecure Support. We are focused on delivering quality customer service and to handling requests quickly and efficiently"
Of course as you know this is not the case. Not only was my case not handled in the manner they deluded themselves into believing, they did absolutely nothing and to date still have not addressed the problem. Two weeks without email is too long in business.
To anyone else contemplating trusting their business with namesecure ... take heed of this warning ...think again and look further afield.
(NT) Check the date
by tomron - 6/4/06 7:52 PM In reply to: You are not alone by wpostmDo you have a virus/trojan?
by calvinguy - 8/8/05 7:47 AM In reply to: What I would suggest by TONI HAnother way that emails can be spoofed is that they are real emails, but not intentionally sent out. One of your machines may be compromised and is sending out the junk emails via a trojan, virus, etc. Another option, which I find to be more frequent, is that ONE OF YOUR CUSTOMERS' machines has a virus or trojan and has found your email information in their address book and is using it. Of course, in the second case, you can do little to stop it. You can try to send out a reminder email about viruses and keeping antivirus software up to date. Just some ideas. Good luck.
You've been spoofed
by bgilmore5 - 8/5/05 2:16 PM In reply to: Domain hijacked - what options do I have? by GeekGirlIt sounds like you've been spoofed. Unfortunately, there is nothing you can really do about it. The creeps that did this to you did not need any access to your website. They simply took your domain name and added it as the reply to address.
I use to be an e-mail administrator, so I do understand how people do take this out on the owner of a domain name. If you don't want to give up the domain, the best you can do is place a notice on your website stating that you are not the distributor of the spams being sent out.
Unfortunately, most internet users are not savvy enough to understand how simple spoofing is. The golden rule is for users not to open spam and if they do don't reply to it. It's a heck of a lot easier for them to delete it than to reply to it anyway.
What I don't like about changing domain names is the fact that nothing is stopping the perpetrators from spoofing your new domain.
Exactly my point..
by GeekGirl - 8/9/05 12:43 AM In reply to: You've been spoofed by bgilmore5.. I mean, what's to stop another spoofer to do the same with my new domain...
You Don't Need More Clothes
by batonrougeenglish - 8/9/05 2:50 AM In reply to: Exactly my point.. by GeekGirlor jewelry or shoes or a new-hello.com name.
You only need to change Hosting providers. This happens to hundreds of domain owners and the Hosting company has to have filters and help with Spam.
And users such as I get spam from everywhere. We have to be resourceful enough to filter our email instead of blaming whoever we think sent the mail.
You are so pretty that I thought you were smarter than to change your domain name instead of the hosting company.
Just change the Hosting company: http://tophosts.com
"what's to stop another spoofer"?
by R. Proffitt
- 8/9/05 5:25 AM
In reply to: Exactly my point.. by GeekGirl
Nothing today. It's why I've written that email as we know it today will eventually have to change.
Then again, I did run into one complainer and their business didn't have AntiVirus (AV) installed on all machines. They were under the impression that only the machine that connected to the internet needed it. Guess what? The machines were infected and spamming.
Bob
Start Reporting Spoofing
by Chandaxi - 5/24/06 12:30 PM In reply to: "what's to stop another spoofer"? by R. Proffitt
Google Mail advices on report all spoof mail to:
spam@uce.gov
Hope they to get jail for spoofers
re ur problem
by Terse - 8/8/05 8:18 AM In reply to: Domain hijacked - what options do I have? by GeekGirlAre you aware that emails can be sent from any address you like?
I mean maybe a friend or somebody that doesnt like you is using your email address to spam with.You dont have to be hi-jacked to do this,they will just use your email address,in a fake emailer.Meaning they can type or use any email address they like in the space that is provided by the program to do so.
So its business as usual..
by GeekGirl - 8/12/05 2:47 PM In reply to: Domain hijacked - what options do I have? by GeekGirlRight then, so the gist of the matter is that basically I can't do much, I may as well just keep right on using the domain name, and include a disclaimer about the spoofing on domain/in email.
I checked with domain host - there is NO spam leaving our computers. There was once before and they reacted promptly, gave us a call and alerted us etc.
And their spam filters are sorting out the junk to my domain. So they are doing their job.
Thanks for your suggestions.
For More :: Help
by batonrougeenglish - 8/15/05 5:43 AM In reply to: So its business as usual.. by GeekGirlMs. Geek,
I had similar problems then switched to an email not connected to my domain name which stopped the spam going to the hoster.
You can email LsuEdu at Msn Dot Com for tips on email addresses in your email and website.
Something similar to this works but it is only an example;
mailto:%6c%73%75%65%64%75%40%6d%73%6e%2e%63%6f%6d?subject=Message%20from%20the%20web&Body=%20American%20Churches%20Courthouses%20and%20War%20
=======================================
Regards, Sir Gary in New Orleans, Louisiana
LsuEdu @ msn.com
http://groups.yahoo.com/group/Louisiana-Adoption-Advocates/
~ Read to Learn - Write to Think ~
=======================================
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
