Tuesday, July 6, 2010

Identity theft

Well, it's a kind of fucked up full of hackers world. So, after reading this, well, it kind of awakes you. Anyway, it all started from an spam e-mail, which lead to an e-mail address and an IP. Which then led to an address and some domains, which revealed some more e-mail addresses and some real phone number, and so on.

At the end of it, this guy knew the spammer's family, names, ages, some portions of US SSN, real address, real phone number and much more, all of it using public websites, like facebook, myspace or intelius, whois searches, and he even had a picture of this guy's house using Google Maps.

A good step into privacy is following these simple rules. But somehow these are not always enough. And I know a lot of people now following even a half of those. Let's say I obey 9 out of 10 rules. That's because I didn't get to check privacy rules on LinkedIn, and I can think of a few flaws some guys can take advantage of. Anyway, if I were you, I'd blindly obey every of those 10 rules after reading what's in the first link in this post. And, ...as my eyes are getting sleepy ...sleepy..I just realized that FB is the biggest flaw of them all. That's because I know I obey most of those rules, and feels ok. But, I've set all my privacy settings around my Friends. So, they can see everything, except one thing I can only see myself - friends list. Well, what can I say, a lot of ex-girlfriends. Anyway, what if some ex, or whatever girl/guy is not following those rules, not even half? Social engineering is very hard to pull, but very effective. They can get their accounts hacked in a week. I've read few months ago about this penetration test some security company did with a client based on social engineering, and they got to find out everything, infrastructure, passwords, IPs ...etc. So, if one fails to follow those rules, get her/his account hacked, and someone could quickly get personal info about me. This sucks!

So, I guess the best privacy measure people should take is not posting shit online, and, of course, not tell personal info to people they just met online. Nothing! I think I will repeat myself, but anyway, I knew this philippino girl, we met online, and she liked doing something some people would pay for in front of her webcam. No details here. Anyway, she met this dude, she continued to do that thing, since one day, when she decided it's not ...moral. Or something! But, it turns out, that guy became her favorite stalker, she somehow told him her home address and cell phone, and he started threaten her about doing stuff to her or to her parents and shit. Don't really know the end of the story, ..oh well, at least I know she's ok, till next time she fucks it all up. That's because, few months after this guy, she met me, and yeap, I also knew her cell phone and shit. Some people never learn!

But, people should learn someday. Personally, from time to time, like ...once in 2-3 weeks, I test FB privacy settings to see what people are seeing about me, and Google Dashboard, that's because I'm a sucker for almost all Google products, and it helps people to see what infos they're sharing with others, including Google. And, starting tomorrow, I have to do something about passwords...well, it's actually 3:20 am..so this means, later today. I'll have to change most of them to something more random, not repeat themselves on some websites, like they do now.

No comments:

Post a Comment