How can you be sure their customer support can't also be socially engineered? I'm actually hesitant to use a service which requires 5 security questions to make a change, because I bet so many people forget their answers that their support is lax when it comes to bypassing them.
Because they ask questions only the user would know about the account and its history:
We will need to ask you questions to verify your identity. These questions will be different based upon your account and history with us. Please understand that these verification steps are for your protection.
* 2 factor authentication
* 5 security Q/A's before you can make an account change!
http://www.namesilo.com/Support/Domain-Defender
there is no WAY this guy would have had an issue if he was with namesilo and had both protections enabled
(I'm just a happy client and in no other way related to them)