RE: [gnso-irtpd] Example email string

["Dorrain, Kristine" <kdorrain@xxxxxxxxxxxx>]

I can appreciate the concern here.  I'm not a registrar, so I don't understand 
the nuances of transfer, but I do understand an FOA is needed.  What if (and I 
don't know in this case, I'm talking generally), the FOA was fraudulent and the 
registrar "didn't suspect" fraud. I use quotes because I am asking (honestly, 
not rhetorically) what prevents a registrar from simply "not noticing" fraud?  
Does a registrar do any sort of validity check or "well, the request came from 
an authorized email account so who am I to ask questions"?

Is there anything currently being done to encourage or train Registrars to spot 
fraudulent transfer requests?

Sorry if my questions are very  basic...

-----Original Message-----
From: owner-gnso-irtpd@xxxxxxxxx [mailto:owner-gnso-irtpd@xxxxxxxxx] On Behalf 
Of rob.golding@xxxxxxxxxxxx
Sent: Thursday, February 06, 2014 9:23 AM
To: gnso-irtpd@xxxxxxxxx
Subject: RE: [gnso-irtpd] Example email string


> But this type of issue is exactly the one Registrants are seeking a 
> remedy for within ICANN.

The 'claim' is that the transfer (validly completed) was 'fraudulent' 
because they allowed their details to be exploited/phished/socially engineered 
or whatever - that's going to need someone to investigate/prove/identify the 
details of the hack/exploit/scam.

Ideally that's a job for the courts and specialists, not ICANN, not a Registrar 
etc (in many cases) - a *crime* has been committed - we're not 'judges' or 
qualified to make decisions about that.

I hear the 'I've been hacked' story 100 times a week - usually after 
terminating a spammers services.

One of the funniest was Monday someone claiming they never ordered something, 
and that we're been 'illegally taking money' from their bank account - 
obviously they must have been 'hacked' (and accused us of doing it)

This is after the order came from their IP, it was paid (and 3d-secured at 
their bank) on their Debit card, they'd raised 3 support tickets/questions in 
the preceding month, we'd spoken to them by phone at least once ...

'I must have been hacked' translates into 'oh sh!t I forgot to cancel something 
I dont think I want anymore and rather than being reasonable and asking the 
company for a refund that they probably would have given without issue, I tried 
to fvck them over with bullcrap claims'

As to the email-chain that started the thread, who is to determine they didnt 
sell the domains and now have buyers-remorse ? Or had their assets seized by 
the FBI ? or a million other possibilities ...

> I disagree with the position that a party using illegally obtained 
> credentials

I'm merely saying the *correct* credentials were used - if there is a claim 
that the obtaining of those is 'illegal' then go seek 'legal' 
counsel.

Rob