How do you know the seller is the owner of the domain rather than just the controller?

[Andrew]

... you likely wouldn't have had these situations if you hadn't enthusiastically encouraged so many raw newbies to jump into buying sites ...

What the ...?! I understand you have a bit of a hang-up on this from two years ago but I cannot see it being related. The scammer wanted to get in front of a massive buyer audience where he/she could sell in a short period of time.

You verify "nine-tenths" (possession) but claim to have verified ten-tenths (ownership). Little "exaggerations" like these all contribute to that false sense of security you give newbie buyers whom you then expect to "make up their own minds".

We've sold over 10,000 websites since we added this small tweak. Not one of these has resulted in a buyer discovering that the seller did not own the website. Don't you think there's at least a hint of unethical behaviour in suggesting we're somehow being actively deceptive here?

@DomainMagnate and @grynge - agree with your thinking. We did a bunch of manual checks using domaintools history records but in many cases the scammer didn't change the whois. eg he/she had access to the underlying email address or otherwise used TXT record verification - neither of which domain tools picked up.

[grynge]

@DomainMagnate and @grynge - agree with your thinking. We did a bunch of manual checks using domaintools history records but in many cases the scammer didn't change the whois. eg he/she had access to the underlying email address or otherwise used TXT record verification - neither of which domain tools picked up.

Andrew I know of one way but it would be very time consuming.

co.za whenever a change is made they email all contact holders and those contact holders must agree to the change or in your case sale.

For example an email would be sent to the Registrant Details, Technical Details etc etc, then with a code to be placed in those emails the contact would have to click to authorize the sale of the website/domain.

You stated above by your own testing that the details aren't changed. You could also decree on the site something like all contacts of domain have been contacted and agreed to sale of website/domain. This would stop 100% of the scammers trying to sell something they don't have access to. Would it stop those who hacked in registry accounts, well yes it could if you also put in place a red flag for any change of registry details before or during the starting of the auction, which at that point you could manually verify with the past owners of the website/domain.

[Clinton]

We've sold over 10,000 websites since we added this small tweak. Not one of these has resulted in a buyer discovering that the seller did not own the website. Don't you think there's at least a hint of unethical behaviour in suggesting we're somehow being actively deceptive here?

Hmm, I was expecting a completely different answer. I was expecting you to recognise that the claim you make on every listing is - intentionally or unintentionally - misleading, I was expecting that you'd tweak it to make it more transparent. You don't verify ownership, you simply check possession. To claim that you verify ownership gives buyers a false sense of security. However, it seems your argument is that as you have no evidence anybody lost money as a result of your misleading claim, it is okay to continue making it.

What the ...?! I understand you have a bit of a hang-up on this from two years ago but I cannot see it being related. The scammer wanted to get in front of a massive buyer audience where he/she could sell in a short period of time.

Andrew, this is unrelated to this particular scammer. I believe Flippa created a large part of the problem at the lower end of the market by how they and who they encouraged. Whether it happened two years ago, last year or is continuing to happen as I see in your blog post today, is not really relevant. When Flippa started, it had two strategic choices - designing the market to cater for online businesses ... or targeting (mainly) Make Money Online. You choose MMO. Nothing wrong with that from the business viewpoint - there was more money there! But that end of the market is also more problematic and your activities encouraged a lot of low-end MMOers to jump in. Many are still there. A large part of Flippa's efforts - from the various changes/improvements you've made ...to the high support costs - wouldn't have been necessary if you were a businessesforsale.com type site for online businesses (but you wouldn't have made as much money in that market unless you found a way to add broker style value beyond just exposure and get paid broker style commissions.)

[KenW3]

Andrew you could also using an api such as domaintools, take a look to see if any recent changes to the registrars had been made, whilst not an exact science it could help in identifying thieves who change details a day before the auction. At least it could red flag a site for closer inspection.

A good idea, and one that was supposedly applied in July of 2011. Morgan Linton launched DomainTheft.org in 2008, and revised the site to incorporate this idea in 2011 in a new version of the site. Re-Introducing DomainTheft.org This site is partnered with Escrow.com, Flippa.com, and DomainTools.

I recall he used to have lists of stolen domains (if I am remembering correctly) but have not seen any lists in quite a while. This site allows you to hire a domain recovery agent and this shows

There is absolutely no cost for this service, getting your domain name back is the best reward we could ask for!

Perhaps the reason the lists are no longer available is explained by an article at DNJournal.com?

Morgan Linton Launches DomainTheft.org in Effort to Stem Stolen Name Sales

To offset operational costs, Linton said domain owners will pay a small monthly fee ($5 per month for a basic listing or $10 per month for a premium listing) to publicize their stolen domains in a database that is available to every major domain name sales platform and marketplace, including platforms like eBay and Flippa.

The article also explains a Domain Theft Verification System (DTVS).

The article goes further to state

DomainTheft.org will let domain owners decide what the service was worth to them and pay accordingly for successful recoveries.

which quite obviously negates the statement quoted above (from DomainTheft.org) stating there is no cost for this service. Donation-supported is not free.

I assume the utility of this site is now invalid, as this has become a paid listing service (paid by victims of theft) published only to domain name sales platforms? It originally was a truly great idea.

[grynge]

As far as I can tell, the big problem with that is most domain holders who have their domains stolen wouldn't know about it until the domain is sold. So there would be little point in placing your name on their list.