Skip to content

Developer Loses Single-Letter Twitter Handle Through Extortion

January 29, 2014

Developer Loses Single-Letter Twitter Handle Through Extortion – January 29, 2014 at 05:28PM

Hugh Pickens DOT Com writes "Naoki Hiroshima, creator of Cocoyon and a developer for Echofon, writes at Medium that he had a rare one-letter Twitter username — @N — and had been offered as much as $50,000 for its purchase. ‘People have tried to steal it. Password reset instructions are a regular sight in my email inbox,’ writes Hiroshima. ‘As of today, I no longer control @N. I was extorted into giving it up.’ Hiroshima writes that a hacker used social engineering with Paypal to get the last four digits of his credit card number over the phone then used that information to gain control of his GoDaddy account. ‘Most websites use email as a method of verification. If your email account is compromised, an attacker can easily reset your password on many other websites. By taking control of my domain name at GoDaddy, my attacker was able to control my email.’ Hiroshima received a message from his extortionist. ‘Your GoDaddy domains are in my possession, one fake purchase and they can be repossessed by godaddy and never seen again. I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact. Would you be willing to compromise? access to @N for about 5 minutes while I swap the handle in exchange for your godaddy, and help securing your data?’ Hiroshima writes that it”s hard to decide what’s more shocking, the fact that PayPal gave the attacker the last four digits of his credit card number over the phone, or that GoDaddy accepted it as verification. Hiroshima has two takeaways from his experience: Avoid custom domains for your login email address and don’t let companies such as PayPal and GoDaddy store your credit card information."

Share on Google+

Read more of this story at Slashdot.

    



from Slashdot http://ift.tt/1mXVTwU

Advertisements

From → feedly shared, Tech

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: