I can appreciate the concern here. I'm not a registrar, so I don't understand the nuances of transfer, but I do understand an FOA is needed. What if (and I don't know in this case, I'm talking generally), the FOA was fraudulent and the registrar "didn't suspect" fraud. I use quotes because I am asking (honestly, not rhetorically) what prevents a registrar from simply "not noticing" fraud? Does a registrar do any sort of validity check or "well, the request came from an authorized email account so who am I to ask questions"? Is there anything currently being done to encourage or train Registrars to spot fraudulent transfer requests? Sorry if my questions are very basic... -----Original Message----- From: owner-gnso-irtpd@icann.org [mailto:owner-gnso-irtpd@icann.org] On Behalf Of rob.golding@astutium.com Sent: Thursday, February 06, 2014 9:23 AM To: gnso-irtpd@icann.org Subject: RE: [gnso-irtpd] Example email string
But this type of issue is exactly the one Registrants are seeking a remedy for within ICANN.
The 'claim' is that the transfer (validly completed) was 'fraudulent' because they allowed their details to be exploited/phished/socially engineered or whatever - that's going to need someone to investigate/prove/identify the details of the hack/exploit/scam. Ideally that's a job for the courts and specialists, not ICANN, not a Registrar etc (in many cases) - a *crime* has been committed - we're not 'judges' or qualified to make decisions about that. I hear the 'I've been hacked' story 100 times a week - usually after terminating a spammers services. One of the funniest was Monday someone claiming they never ordered something, and that we're been 'illegally taking money' from their bank account - obviously they must have been 'hacked' (and accused us of doing it) This is after the order came from their IP, it was paid (and 3d-secured at their bank) on their Debit card, they'd raised 3 support tickets/questions in the preceding month, we'd spoken to them by phone at least once ... 'I must have been hacked' translates into 'oh sh!t I forgot to cancel something I dont think I want anymore and rather than being reasonable and asking the company for a refund that they probably would have given without issue, I tried to fvck them over with bullcrap claims' As to the email-chain that started the thread, who is to determine they didnt sell the domains and now have buyers-remorse ? Or had their assets seized by the FBI ? or a million other possibilities ...
I disagree with the position that a party using illegally obtained credentials
I'm merely saying the *correct* credentials were used - if there is a claim that the obtaining of those is 'illegal' then go seek 'legal' counsel. Rob