Enom account hack

[Jacksun]

Hi everyone, it appears there is a group hacking Enom accounts. I had one domain registered fraudulently and my cart had 4 other domains and 3 SSL certs in it ready to purchase. The domains they tried to register, but were unsuccessful were all darkhorse.XXX or something similar. They were unsuccessful because my account balance is kept at a minimum.

 

Enom says the 1 domain they successfully registered was done 8/2/2011 at 4:00:48 AM manually which means someone got into my account and ordered the domain. I maintain strong password standards for all my accounts.

 

Of course Enom just blows you off with refunding the fees and cancelling the domain, even when the transaction was fraudulent, I need a happy-ramadan.com domain like I need an eighth hole in my head.

 

Just remember that you are NOT PROTECTED FROM FRAUD with ENOM which is ridiculous and unacceptable. Fraud transactions should be outside of normal policy and handled as the crime they are. You can't tell me these transactions cannot be reversed if they wanted to.

 

Change your ENOM account password immediately and minimize your account balance if at all possible to protect yourself.

[getup]

While I do understand that this is a problem, isn't this why Enom uses account validation besides the normal authorization process? Of course, each and everyone should update passwords on a regular basis when humanly possible, but isn't that just normal?

 

Don't get me wrong though, because I do think Enom should be more careful with reports like these and respond promptly to any issues you might have.

[jeremyhaber]

Interesting. I know Enom has anti-brute force in place for logging into your account. You only get around 3 attempts before the account is inaccessible for like an hour. The question would really be how did someone get into your account without knowing your password?

[Blueberry3.14]

Hi everyone, it appears there is a group hacking Enom accounts. I had one domain registered fraudulently and my cart had 4 other domains and 3 SSL certs in it ready to purchase. The domains they tried to register, but were unsuccessful were all darkhorse.XXX or something similar. They were unsuccessful because my account balance is kept at a minimum.

 

Enom says the 1 domain they successfully registered was done 8/2/2011 at 4:00:48 AM manually which means someone got into my account and ordered the domain. I maintain strong password standards for all my accounts.

 

Of course Enom just blows you off with refunding the fees and cancelling the domain, even when the transaction was fraudulent, I need a happy-ramadan.com domain like I need an eighth hole in my head.

 

Just remember that you are NOT PROTECTED FROM FRAUD with ENOM which is ridiculous and unacceptable. Fraud transactions should be outside of normal policy and handled as the crime they are. You can't tell me these transactions cannot be reversed if they wanted to.

 

Change your ENOM account password immediately and minimize your account balance if at all possible to protect yourself.

 

Thank you for the heads up, Jeremy.

[Blueberry3.14]

Interesting. I know Enom has anti-brute force in place for logging into your account. You only get around 3 attempts before the account is inaccessible for like an hour. The question would really be how did someone get into your account without knowing your password?

 

Inside job, maybe? They should be keeping access logs, but it sounds like your experience with eNom support has been like mine.

Edited August 3, 2011 by Blueberry3.14

[cmsplushosting]

This doesn't look good.

[Lawrence]

Hi everyone, it appears there is a group hacking Enom accounts. I had one domain registered fraudulently and my cart had 4 other domains and 3 SSL certs in it ready to purchase. The domains they tried to register, but were unsuccessful were all darkhorse.XXX or something similar. They were unsuccessful because my account balance is kept at a minimum.

 

Enom says the 1 domain they successfully registered was done 8/2/2011 at 4:00:48 AM manually which means someone got into my account and ordered the domain. I maintain strong password standards for all my accounts.

 

Of course Enom just blows you off with refunding the fees and cancelling the domain, even when the transaction was fraudulent, I need a happy-ramadan.com domain like I need an eighth hole in my head.

 

Just remember that you are NOT PROTECTED FROM FRAUD with ENOM which is ridiculous and unacceptable. Fraud transactions should be outside of normal policy and handled as the crime they are. You can't tell me these transactions cannot be reversed if they wanted to.

 

Change your ENOM account password immediately and minimize your account balance if at all possible to protect yourself.

 

Most likely is it either:

a) You gave the password to someone who used it

b) You have a keylogger or trojan on the PC used to access eNom

or

c) The password you use is actually not as strong as you think.

[Seb]

Most likely is it either:

a) You gave the password to someone who used it

b) You have a keylogger or trojan on the PC used to access eNom

or

c) The password you use is actually not as strong as you think.

 

This, and for the record, from our experience Enom support has been top-notch.

[Roger]

I've left eNom because of the minimum $100.00 required to add funds and the insulting $3.00 fee for the privilege of giving them my money.

 

-Roger

[malfunction]

FYI, you can always send eNom a check, there's no sneaky taxes applied when you pay that way. Support does stink though on the rare occasions we need it.