As domain names keep growing in numbers, so do their thefts. More and more domain names are being stolen, or hijacked.
The latest trend is using Paypal to pay for a legitimate domain transfer, only to request a refund afterwards. The domain transfer will then already be finished, and be in full control of the buyer.
Requesting such a refund is legal in most countries, but “returning” a domain name isn’t that easy, because another transfer has to be started (back to the original owner) for which the current owner (who ‘bought’ the domain name) has to give its approval.
The Domain Registry of America is using a similar technique to gain access to a lot of domains, by sending renewal letters to domain owners – even for domains that don’t belong to them. When domain owners respond to this letter, the domain is transferred to DRoA, and it’s nearly impossible to transfer the domain back afterwards – so you’ll have to pay their fees.
You can find an example letter, sent by DRoA, here. If you’re Dutch, you can find more information at the Nucleus Blog or over at FooBarBarBar.com.
