Interesting case being talked about over at domainstate where someone has been pushing domains into someone else's account less than 14 days from renewal (enom apparently sends last notice at 14 days) with autorenew set and requests the domain back through support. Interesting security exploit. Appears the names were legally risky as well (tm's). Will enom fix this security vulnerability and implement an account push code or at least notify owners of domains pushed into their account?
