Naoki Hiroshima had (i.e. squatted) a rare and valuable Twitter handle, @N. It was extorted from him, he claims, by a scammer who figured out that PayPal reveals part of one's credit card number during security verification—and that GoDaddy accepts the same part of the number during security verification.
I asked the attacker how my GoDaddy account was compromised and received this response:
From: SOCIAL MEDIA KING
To: <*****@*****.***> Naoki Hiroshima
Date: Mon, 20 Jan 2014 19:53:52 -0800
Subject: RE: …hello
- I called paypal and used some very simple engineering tactics to obtain the last four of your card (avoid this by calling paypal and asking the agent to add a note to your account to not release any details via phone)
- I called godaddy and told them I had lost the card but I remembered the last four, the agent then allowed me to try a range of numbers (00-09 in your case) I have not found a way to heighten godaddy account security, however if you’d like me to recommend a more secure registrar i recommend: NameCheap or eNom (not network solutions but enom.com)
GoDaddy outright refused to help him at first, too. It's shocking how weak account security is there, and at PayPal: "Don’t let companies such as PayPal and GoDaddy store your credit card information," Hiroshima writes.
UPDATE: On its Twitter account, PayPal denies that it gave out "any credit card details".
Astronaut.io randomly plays new YouTube video that have close to 0 views. It plays a few seconds of each video before moving on to another random video. If a certain video catches your attention, click the dot below the video to see the whole thing. I could waste a lot of time here. Today, you […]
Nine News Australia’s anchor Amber Sherlock flipped out just before going on air that her colleague Julie Snook was wearing white, just like her, even though she advised her against it. Sure, they weren’t live yet, but the Internet doesn’t care. “It is an issue. Go and grab a jacket!” Sherlock must be well-loved by […]
A European court has ruled that the UK cannot subject its citizens to indiscriminate data collection unless the data retained is being used solely to fight serious crime, reports the BBC. The verdict concerns an earlier incarnation of Britain’s blanket domestic surveillance plans brought to court by opponensts. It does not specifically address the recently-passed […]
Computer hacking isn’t just something happening to the DNC. Major software companies need white-hat hackers to ensure the security of their products and users, and I came across a Computer Hacker Professional Certification Package that conveniently teaches those advanced IT techniques online.This course package will prepare you for various computer security certification exams with over 60 hours […]
One of the best ways to progress a career in project management is through earning recognized certifications. These certifications carry significant clout and don’t require expensive tuition or student loans. This Ultimate Project Management Certification Bundle is a great example of an affordable way to get ahead. It includes training for 9 certifications including PMP, […]
There’s nothing quite like the rush of playing against a real human opponent. But from a developer standpoint, creating fun multiplayer experiences is incredibly complex. Fortunately, the Unity3D game engine has made all aspects of game creation, including multiplayer functionality, as accessible as ever.This Unity Course Bundle introduces all of the necessary elements of creating […]