Company deletes hard drive and loses their website
In this day and age, you’d reckon everyone would at least make a backup every so often and what I’m about to report here might shock you — JournalSpace.com, a blogging platform similar to Wordpress, Blogger, Typepad, etc (albeit less popular), has been put out of business by a disgruntled employee who decided to overwrite the company’s hard drive. JournalSpace.com was using a mirror RAID configuration on their server’s hard drives which allowed them to mirror the content across the drives — essentially allowing them to save a second copy of the data in the event something went wrong.
I didn’t have all that much experience with dedicated servers myself when I purchased my first one earlier this year — I actively explored using a RAID mirror configuration (eg. RAID 1+0) but what I came to find from the large majority of sites I visited was that they all mentioned it wasn’t sufficient as a backup solution. As is evident in this case, mirrored RAID can’t protect from the actions of disgruntled employees or malicious hackers. Cpanel backups are easy enough to do if you have Cpanel installed on your server — just make sure that the backup gets downloaded to your computer and not only to a certain location on your server (which would be vulnerable to attack from a hacker or disgruntled employee just the same). In this case, a more advanced form of replication would have been a good choice.
Do other people have access to your computer? It’s always best to have the backup saved elsewhere other than your computer as well. Wordpress suggests you have backups saved in at least 3 different locations — one could in example be your server, another, your computer, and another, a removable storage device that ideally, nobody has access to other than you. Placing it on a second hard drive on your computer is essentially the same thing as this company did with the mirrored RAID and could land you in trouble. If you’re using FTP software on your computer which automatically connects to your server, deleting both what’s on your computer and what’s on your server become one and the same.
Quantcast suggested JournalSpace.com had approximately 14,000 monthly visitors from the USA alone — this was a big website, one which had been in business since 2002, and one which is no longer.
JournalSpace.com info courtesy of Slashdot.
Twitter Phishing
Just a warning for all Twitter users that Twitter has announced that a phishing scam is currently circulating the web targeting Twitter users. The phishing scam works by email and will ask you to check something out. I received this phishing email myself — the email said: “Hey, look at this funny blog (then a link)”. The phishing emails look like emails you would receive if you had opted to receive Twitter direct messages via email. Twitter is reporting that the links in these emails redirect to “fake Twitter” pages — basically a website which looks like Twitter but isn’t. As always, make sure the URL’s match up (and avoiding the temptation to click links in emails can solve a lot of problems before they get started).
This particular phishing scam is all the more dangerous because the emails are coming from people who you’re following — at least that was my experience, and Twitter is reporting that at least one of the goals of the phishing attack is to steal usernames + passwords of Twitter users, allowing them to then use the strengths of social phishing to increase the number of people they’re able to dupe into falling for this scam.
If you’re unable to login to your Twitter account, be sure to reset your password or contact support — don’t let these phishers claim your friends and family as victims as well. The phishing scam is also apparently stealing Facebook ID’s. It’s possible the phishing scam could be targeting other websites as well, so be sure to change your passwords if you’ve succumbed to it.
Domaining.com and MysteryDomainAuction.com News
I’ve always liked Domaining.com and am glad to hear it will continue to be free to get the latest news. I know there must be 10 (or more) domaining RSS aggregators out there plus the possibility of making your own, however I have never found anything which presents the latest domaining news in as visually appealing a way as Domaining.com. Francois has decided to keep Domaining.com free and has found a different way to monetize it — namely, by making it $25/year or $10/quarter for new members to get featured domains 24 hours before others. Existing members will continue to receive featured domains in the daily newsletters, however new members will have a 24 hour delay in receiving the day’s list of featured domains. Visiting sites on Domaining.com will continue to be free and Francois will no longer be requiring you to log into visit blogs listed on Domaining.com.
.mobi
There are a few members on the domain name forums that have developed great .mobis that are making them a profit.. The extension isn’t looking very good from a speculative perspective, however it’s a great extension for development. If you develop a mobile compatible website on a .mobi and .mobi gets more popular, you win. If you develop a mobile compatible website on a .mobi and .mobi gets less popular, you still win. Outside the domain industry, not a whole lot of people are familiar with anything other than CNO + their country’s ccTLD (in certain countries).
Traffic Domain Name Scams
Adam Strong from Domain Name News wrote a great post about traffic domains and what you should watch out for. If you’ve been domaining for 1+ years, you probably know all this stuff already, however if you’re new to domaining, I really think you might find it useful. It’s a long article and if you’re new to domaining, I really hope you’ll take the time to read it — might save you from falling victim to the all too common traffic domain name scam.
Changes to Domain Name Scams
I’m currently in the process of making a few changes to Domain Name Scams to make it easier to quickly browse through the content. Most of my posts here are quite long and I cover a wide variety of topics from week to week, so this will hopefully allow you to browse over the content more quickly to find what you’re looking for. Longer posts will have a “Read more” link near the end of them — by clicking this link, you’ll be able to see the rest of the content. Alternatively, by clicking on the post title, you’ll be able to view the entire post. As always, everyone is welcome to voice their opinion on this change by leaving a comment or sending me an email.
Digital Goods and Chargebacks
As we all know, Paypal isn’t exactly seller-friendly when it comes to domain name disputes. Unsurprisingly, they have the same “pro-buyer” stance when it comes to services provide online such as web design. In many cases, there exists a way to protect yourself — mail something to the buyer so that you have proof of shipping. For example, you could send the username and password associated with the domain by email. This will, as a bonus, allow you to confirm that the person is who they say they are. If you’re providing web or graphic design services, email them a copy of the work on a CD so they have a backup copy (aka covering yourself from chargebacks). Who’s going to refuse a free CD?
As a buyer, always pay through Paypal using a credit card. For even more protection, you could pay by Paypal via eCheck from an account which doesn’t have sufficient funds in it for the eCheck to clear. If the seller delivers as promised, fund the account and the eCheck will clear, if not, let the eCheck bounce (make sure you don’t have overdraft protection and are aware of NSF fees for doing this). This shouldn’t be used for products which will take more than a couple days to be delivered — you don’t want the eCheck to bounce if they’re legit and that could end up happening if you wait too long to fund the account.
Israeli Domain Name Registrar Hacked
I’m sure it’s crossed everyone’s minds at least once or twice — couldn’t someone hack a registrar or (gasp!) a registry?
The registrar hacked in this case was DTNT — DomainTheNet.com. According to Yoav Keren, CEO of DomainTheNet Technologies, “hackers were able to track passwords used by the online customer services system, to access the domain management system, posing as system administrators authorized to change IP addresses.”
The attack resulted in users being redirected to websites other than the ones associated with the respective domain names (hijacked DNS). The attack is believed to have been brought on by the Gaza offensive. Thankfully the attack was used to spread a message, not to spread malware or steal domains, however that might not always be the case.
Original source and for more information: Ynetnews.com (who happened to be one of the victims of the attack)
MysteryDomainAuction.com
John Motson, the blogger behind the popular DNXpert domain name blog released yesterday what he’s been promoting as the “Domaining Revolution” for awhile now — something he said would be “BIG” and clearly looks to be that way, having been covered on several domain name blogs already, as well as impressed members on the domain name forum.
Opinion about the idea seems mixed, some feeling an all-pay auction, an auction where all bids must be paid with real money (you pay your bid amount even if you lose) borders on gambling and being illegal in the United States, others feeling it’s a genius idea. The basic idea behind MysteryDomainAuction.com is that a 100 day auction is being held on a domain which has recently appeared in a domain name auction as being valued at $10,000+. On day 50, John will let everyone know what the domain is, however John is also offering the alternative of $10,000 cash to the winner, so it’s safe to say the least the winner will be walking away with is $10,000.
Best Practices for a Successful 2009
If you haven’t done so already, please make sure to check out my time management post on LLLL.com. Seeing as this blog is primarily to discuss how to safely conduct business on the Internet, I’ll elaborate on a few more domaining best practices below:
Create sales listings explaining clearly and precisely what is and what is not being included in the sale (eg. domain, content, hosting). Good communication between buyer and seller can often resolve problems before they escalate to chargebacks, payment reversals, or negative feedback. Do your best to answer all questions a buyer may have and as a buyer, ask all questions you have prior to sending payment. Many domainers incorrectly believe that once proceeds from a sale via Paypal reach their bank account that they’re safe – this isn’t true. Paypal allows payment reversals for a full 45 days following a purchase and many credit card issuers allow up to 180 days should you have been so unfortunate as to have accepted payment through Paypal via a credit card.
