Remember the post about the person who had been offered $50,000 for his Twitter handle @N, but that had his websites held hostage thanks to a social engineering attack that forced him to hand over the handle? And remember how he had a conversation with the attacker who described the plan in detail? It's like something out of a Scooby-Doo cartoon.
Well here we go again! On the same site, Ars Technica, is a story from someone else who has the Twitter handle @jb, apparently in high demand by Jonas Brothers and Justin Bieber fans to the tune of $500,000, came under social-engineering attack as well when he started receiving a bunch of emails from Amazon that were password-reset requests.
Unlike the previous story, he was able to (barely) intercept the attack and prevent it, but it's a good read and offers some good advice for security. You can never have 100% security,but you want to be as close as possible.
Hang onto those Twitter handles!
Well, I cant say I'm so surprised it happened again. This kind of cyber bulling should have consequences attached. I feel bad for these people who are hacked, but If I were offered $500,000 for a domain name...all I can say is I would take the money. They should have stronger restrictions on password changes to accounts to help prevent this from happening. This was a good story, I just hope stories like this come out more to make people more aware of how to protect themselves from hackers.
ReplyDeleteI'm suprised that these companies continue to have sub-par security standards. When calling in all you need is some basic information that you can get off of a mailing label and you will have full access to someones account. I was shocked to hear that the person who got into his Amazon account didn't even have a current address. After all of the negative publicity Target recieved for a legitimate data breach, companies are still are not taking customer security seriously at all. They want to pull as much information from you as possible but they will not safe guard it. With problems like this it is impossible to protect your information and even your identity.
ReplyDeleteAfter reading this article, I find it very surprising and scary that pretty much anyone can call Amazon and obtain information on resetting a password that isn't even theirs. Its scary what good hackers are able to accomplish in such a short period of time and Josh Bryant better be thankful that he was able to stop anything from happening to him. I feel that people working at companies like Amazon need to be trained better so that they know that there could be a potential scam going on and not give important information out to the wrong people.
ReplyDeleteGoing to the concept that Josh Bryant was offered $500,000 for his domain name is crazy in my opinion, and if that was me that was offered that amount of money, I wouldn't hesitate with my answer. DEAL!