It looks as if social engineering – that is: tricking people – is the easiest way for someone to steal a domain name. From the owner of sweet.com I received an email sent from sillworks4@gmail.com in which the sender pretends to be the legitimate owner of the domain and tries to trick the ISP to set up a forward in order to gain control over the domain.
I assume this was the method used also when our domain – direction.com – was stolen in late 2006 by someone operating also from sillworks4@gmail.com (and stillworks20@gmail.com). Here is how the email reads:
Hello Dear,
Thanks for nice services and support,
I’m tried many time to set mail forwarding for my email account, but page will not load after click on Submit button for set mail forwarding!!!
domain: SWEET.com
Tried to set: xxx@SWEET.COM forward to sillworks4@gmail.com So, Please check it and try to set this mail forwarding….and send me note when you have done it.
[the name of the administrator of sweet.com]
Thanks Again
