domain hijacking... (long winded)

Fri Apr 26 21:24:51 UTC 2002

Hello all...

For years I've been using the domain 'virtual-voodoo.com'. Starting
at the beginning of this week I noticed my e-mail starting to slack
off. On Thursday morning it had stopped entirely. After checking
everything on my end I did a 'whois' and noticed that Progressive
Insurance now owned my domain and had since 4/15. Ouch! I have no
idea how that occurred since the domain is paid through August '03
(through Verisign/Network Solutions).

I called Network Solutions and opened a ticket to get things 
transferred back. They mumbled something about a fraud division
and said someone would call me.

In the interim I e-mailed the technical contact list on my domain
now and asked if they'd slave their DNS server to mine so that my
domain at least worked. I also explained how I had been hijacked.
I got a reply from Progressive saying that they had bought my
domain legitimately from Network Solutions? Now at this point I
start getting a little worried and go dig up receipts and check
my last 4 months mail for anything from Verisign indicating that
my domain has been transferred or some such (I use their crypt-pw
authentication method). No notices found.

I call Verisign again and explain things. They say that it definately
wasn't "just purchased" but that their had been a transfer. I explain
that I didn't approve any such transfer and I'm being damaged by the
fact that it occurred. The nice person on the phone said it would be
escelated to her manager and resolved that day. It wasn't.

I call verisign again this morning and am told that the department
that could have made the change closes at 5PM so they didn't get to
it yesterday but probably will today. Someone will call me when it
happens. More time passes... I call at 3:15 EDT and am told that
nothing had been done yet. I express my unhappiness that they are
not fixing this as I am their customer and they are at fault for
allowing someone to have my domain. I'm told its escelated and there
is nothing else they can do... they don't call the change department
they just open tickets. I apparently can't call the change department
either. *sigh*

So... I called shortly after 5PM EDT when I still hadn't heard 
anything. I was informed that my ticket was still open and still
escelated. Engineers gone home for the weekend. Someone will contact
me when the ticket is handled (maybe Monday). I am so screwed.

A lot of mail servers may hold mail for a day or two but then mail 
is going to start bouncing (some may hold longer *fingers crossed*). 
This sucks. Though I was slightly consoled that my ticket is flagged
as "critical". My engineers aren't allowed to go home when there is
"critical" work but everyone runs their company differently, ey? On
Monday my ticket will have been "critical" 3.5 days. That's not so
bad a turn around time for a busy company like verisign is it? ;)

So... can anyone provide me with a good fast solution? Not withstanding
that, can anyone suggest how not to have my domain ever hijacked again?
My faith in verisign's ability to secure anything is a tad shaken at the
moment.

-Steve