[conspire] Warning to domain owners: renewal/transfer scam

Michael C. Toren mct at toren.net
Tue Sep 30 12:44:11 PDT 2008


On Tue, Sep 30, 2008 at 11:08:48AM -0700, Rick Moen wrote:
> Rick:  Again, absolutely no offence intended, but because I don't
>        know what direct number an unknown voice on a telephone will
>        give me, I'd rather go through the switchboard.  Will that
>        work.
> Obie.  Yes.
> [a minute later]
> Obie:  Huh.  {pause}  Nobody's ever raised that concern before!
> Rick:  I'm actually not surprised.

About a year ago, while traveling, I had trouble logging into an online
account and was forced to call the site's support desk.  The support
operator cheerfully informed me that they had a very strict password
security policy.  They could issue me a new, randomly generated password,
but they were not permitted to disclose it to me over the phone.  Instead,
they insisted on calling me back at the number they had on file for my
account and leaving voicemail on a mailbox that included my real name in
the outgoing message.  I was a little puzzled by the requirement to leave
voicemail but ecstatic to learn that they took security seriously enough
to require a callback verification step.

The only trouble was that, because I was travelling, I wouldn't be able to
retrieve any messages they left at the number they had on file for another
week.  "Oh, I see.  No problem," the operator said.  "I'm still required
to leave you a voicemail message, though.  What number would you like me
to dial?"

-mct




More information about the conspire mailing list