WARNING: I am in NO WAY saying to do this or advising you to try this. This is a fictional story based on something that could happen!
Let’s say a online domain name auction service offered bidding services on expired domain names. It cost’s $5 to sign up to use the service.
Since no detailed investigation is used to verify an account, phony account information can be used when your account is created in order to become a bidder and a pre-paid credit card to pay the $5 fee. As most scammers do, a proxy service is used when creating the account so locating the person who created the account is nearly impossible.
Using a different proxy service, one could repeat this process, which would equal phony account number 2 with both accounts showing a different IP address location and phony account info again. (looking like two different people). $10 invested.
An auction starts for $10 for the expired domain name with No Reserve. This is a valuable domain name with a value estimated around $10,000.
Bidder #1 places a $10 bid. Seconds later, bidder #2 put’s in a high bid of $20,000. To raise the proxy bid price, Bidder #1 bids $20,100 making the auction bid price $20,100. Bidder #2 puts in a final bid for $20,200 and the auction ends for $20,200 to bidder #2.
Since the auction price went up so fast and the bid price higher then the domain names value by a fair amount, nobody else really had a chance to bid or would bid at that point for the domain.
Emails from the auction service are sent out to collect the winning amount from bidder #2. Over a short period of time, no payment is made. Bidder #2 doesn’t pay for the domain name, doesn’t reply to emails.
Since the auction services policy is: if the winning bidder doesn’t pay, the second highest bidder is offered the domain name without another public auction. Since the #2 bidder became a non-paying bidder, the price could not have "gone up" with bidder #2′s bids, meaning all bidder #2′s bids are voided.
Since there were only two bidders in the auction with bidder #2′s bids voided putting the actual bid price back down to $10… the only "real bid" needed.
Bidder #1 obtains an estimated $10,000 domain name for $20. ($10 bid, $5 account fee x’s 2)
Since the auction service runs tens of thousands of domain name auctions per week and likely has non-paying bidders pretty often, a situatation like "real value" of the domain name would be questionable and not picked up by a "computer system" as many domain names end with a $10 bid.
This story was created based on an online domain name auction services auction policy not to "rerun" an auction after a non-paying bidder has occured and reward the domain name to the next high bidder with the non-paying bidders bids voided.
Michael
Very interesting post Jamie, scary how easy that could be. I hope bringing this flaw to light is enough to get the company to change the policy.
Ross
Can you use a pre-paid credit card at the auction houses? I know many many online places do not allow pre-paid credit cards or paypal debit cards. This is the exact reason, so they can find the person if they need to.
Jamie Zoch
@michael,
. I think a lot of things need to be changed with online auctions in general like “verified bidders”. It seems that nearly anybody can bid with a credit card.
I agree and the reason I wrote it. I know they read my blog
Jamie Zoch
@ross
I use a Paypal debit card. I am not 100% sure if pre-paid credit cards are accepted at all domain name auction services, but I also question how one can tell if it’s a pre-paid or not? http://www.ehow.com/how_4932785_use-prepaid-visa-credit-card.html read the #2.. that person used it for a domain name. (doesn’t say auction or not)
Quoc
Can anyone confirm that when: The highest bidder was voided will put the actual bid price back down to $10. That the other bidder (the second highest biddder) will get that domain for only $10 – not paying at his second highest of $20,100 (lost to the highest bidder of $20,200?
The auction owner in this fictional story couldn’t be that dumb to let it happen?
Ross
I am not exactly sure but it is possible to detect them. I had tried to purchase something online with a pre paid credit card just after christmas and it was declined because it was pre paid.
Though after reading this i did some research on the TOS of a couple of auction houses and the ones i looked at had something to the effect of: Information provided must be accurate or its a breach of contract.
So in all reality if this was to be pulled off i am sure that the auction houses would catch on at some point. Its not hard to catch these things going especially if it was often. All they have to do is call incorrect information and then i am sure the domain would then be re-auctioned.
At the end of the day, i do get the point of the post and think in some cases it is ridiculous especially if the gap between bids is a large one.
Jamie Zoch
@Quoc
Since the auction in this story is an expired domain name, that means the registrar is selling the domain. As mentioned in the story, thousands of auctions end each day during auction, so ONE domain name auction doesn’t always stick out more then another even if there is a non-paying bidder.
Adam
I think you are offbase here. They do not void all the “bad bidders” bids… In my experiences having won domains that other bidders backed out of, the last bid I placed is what I bought the name at.
Since bidder #1 bid up to 20,100 that bid would be their final bid and what they would be paying . . .at least in my experience.
Nashville Retail Space
Very interesting article. I wonder how long it takes before all the online auction companies revise their policies. There could be a lot of money left on the table if people are really doing this.
Jamie Zoch
@Adam,
I understand what your talking about, but not removing ALL of the “bad bidders bids” is silly and something in no way would I be paying. If the #2 bid was Fake (non-paying bidder), there is no reason for that bid to count or any bids from bidder #2. If the “second bid” forces bidder #1 to bid again via proxy bid or hard bid, why should bidder #1 have to pay the bid #3 price if there really isn’t a “real” bid #2?
~
Consider it a Proxy bid, because that’s what it really is. Without Bid #2, bid #3 would not have to take place.
~
Not removing ALL of the “bad bidders” bids would be like saying it’s OK to “Shill Bid” and allowing “some” of those bids to stay. It just doesn’t make sense.
Adam
Jamie agree but obviously taking away all bidder #2′s bids leaves the door open for the abuse that you described above.
Additionally, I wouldn’t just focus on the online auctions/expired domain auctions. What about the live auctions that we never hear about bidders who backed out or didn’t pay? Some of these bidders may have been bidding up other auctions.
Say I’m bidding on xyz.com and bidder #2 is as well (at the even or via pc) . They don’t buy the domain but run the auction up another 10k. They later buy a few domains and then never pay for those names. Currently there is no method (or incentive for the auction houses for that matter) to track those bogus bids or account for them and refund the costs that these bogus bidders racked up on the unknowing bidders. Those bids shouldn’t count either but you don’t see anyone getting refunds. Hard telling if this has happened but there was an auction where a bidder backed out of dozens of transactions ( http://www.domainnamenews.com/domain-aftermarket/mobi-buyers-remorse/1300 ) and it was made public. There really was no way to know what else this bidder bid on and didn’t win. This potentially cost buyers even more money. Make sense ?
blargh
I know who you are talking about, bidder #1 would have to pay $20,100 to get the domain, their highest bid. Only the non-payers highest bid is void
Huy Nguyen
The above story is fictional one! However, I know the true story like this:
After the bidder won the domain with very high price, he tried to contact and bought the domain with very low price (compare to the bidding price) from the current owner. Because of the Godaddy auction policy, the current owner would still have about 7 days (or 5 days!) to pay the redemption fee (about $100) after the Godaddy auction and get the domain back.
…and I know this story is still happening!
Quoc
Ouch, I’ve found a trustable source that unintentionally described exactly what and where could be done in real life, the scam in this fictional story.
http://www.thedomains.com/2009/03/13/namejet-non-paying-bidder-policys-is-hurting-its-auction-and-its-bidders/
LINE 33, from top
“… offers the domain to the second highest bidder, without regard to the non-paying bidders, bids…”
So, the 10k domain can be taken for as little as 10 bucks is not impossible.
Wallace
this is the true reason why we should not use Godaddy auction.
Bosh
I think I’m missing something here. Why not cut out the “would they charge bidder #1 $10 or $20,100?” question completely, and do something along the lines of:
bidder#1: $10
bidder#2: $20,000
And then that’s it. Bid #2 is a no pay, and whether or not bids get disregarded it defaults to bid #1′s $10. Right?
Jamie Zoch
@Bosh,
That would make sense but the fake bidder would have to be the first bid! If they didn’t see the domain until several bids were placed already.. they had to spend a little more money ($355) to be the highest bidder. Then the remaining high fake bids come in to push away other bidders so they do not have to pay any more.