There’s a glitch in the GoDaddy app that causes domain names purchased with the app to suddenly appear in someone else’s account. Not only do domains purchased with the app go to someone else’s account, the purchaser’s credit card details are being added to the unsuspecting account holder’s account, as well.
This individual ordered the name using her GoDaddy mobile app…this was the 2nd domain name she had registered with them, and she had entered in her account number and password when she ordered the name. She [looked at] her receipt, which clearly indicated my account number and VinsDomains, along with her name, address and credit card information.
I recently spoke with Vincent Jacques, of Vin’s Domains, and he explained what happened last week to him.
“Last week, I received a notice from GoDaddy about confirming an e-mail address for a domain name that was unfamiliar to me. Thinking it was part of the highly publicized phishing schemes, I deleted the message. A couple of days later, while reconciling my accounting records, I noticed a receipt in my account for a domain purchase that I never made. Looking at my list of domain names, sure enough, there was this domain name in my account that I had never seen before. I contacted GoDaddy and based on the receipt I had, it appeared that someone had got into my account and ordered that domain name. Further research, however, quickly revealed that the name was paid for by a credit card that was also unfamiliar to me and that card was now listed as a preferential payment method for my account in GoDaddy’s records. GoDaddy explained that I should change my password immediately, because the only way someone could register a name in my account would be if they had that password and matching account number.
Needless to say, I was a little freaked-out that someone was in my account. GoDaddy offered to delete the name form my account, but having noticed the person’s name, address and phone number on the receipt, I told GoDaddy not to delete the name and that I would call the registrant and try to get to the bottom of things, which I did.
When I called the person and asked if they had recently registered a domain name, they said yes and indicated it was for a new business endeavor. After explaining who I was, I came to learn that this individual ordered the name using her GoDaddy mobile app. She stated that this was the second domain name she had registered with them (which I confirmed through research), and that she had entered in her account number and password when she ordered the name. She indicated that she never took a close look at her receipt (which she provided a screen shot of to me), which clearly indicated my account number and VinsDomains, along with her name, address and credit card information.
GoDaddy’s has indicated that they have no idea how this could have happened. I’ve changed my password and will be pushing the name to this persons account. The lesson learned here is to pay attention to your receipts and records at all times. On my end, I may have had a security breach, on her end, her credit card info was sitting in my account for me to do what I wanted with.”
What’s concerning here is that someone used Godaddy’s app to purchase a domain name. For some reason, the app put the domain name, along with the purchaser’s credit card information, into someone else’s account. Not only did Vincent get the domain name from someone else, he also got their credit card numbers, name, address, and other details.
It appears that there is some sort of glitch in Godaddy’s mobile app that Godaddy needs to take care of right away. Until we hear from Godaddy that this glitch has been fixed, I’m personally not recommending that you purchase any domain names using Godaddy’s mobile app. You might not be as lucky as this woman, and your credit card information, along with the domain names you purchase, may just end up in someone’s account who is not as honest as Vincent.
I’ve reached out to Godaddy for a comment, and as soon as I hear from them I’ll update this post.