Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Developer Loses $50,00 Twitter Name Through Extortion

Hugh Pickens DOT Com (2995471) writes | about 9 months ago

0

Hugh Pickens DOT Com (2995471) writes "Naoki Hiroshima, creator of Cocoyon and a developer for Echofon, writes at TNW that he had a rare one-letter Twitter username, @N and had been offered as much as $50,000 for its purchase. "People have tried to steal it. Password reset instructions are a regular sight in my email inbox," writes Hiroshima. "As of today, I no longer control @N. I was extorted into giving it up." Hiroshima writes that a hacker used social engineering with paypal to get the last four digits of his credit card number over the phone then used that information to gain control of his GoDaddy account. "Most websites use email as a method of verification. If your email account is compromised, an attacker can easily reset your password on many other websites. By taking control of my domain name at GoDaddy, my attacker was able to control my email." Hiroshima received a message from his extortionist. "Your GoDaddy domains are in my possession, one fake purchase and they can be repossessed by godaddy and never seen again. I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact. Would you be willing to compromise? access to @N for about 5 minutes while I swap the handle in exchange for your godaddy, and help securing your data?" Hiroshima writes that it'’s hard to decide what’s more shocking, the fact that PayPal gave the attacker the last four digits of his credit card number over the phone, or that GoDaddy accepted it as verification. Hiroshima has two takeaways from his experience: Avoid custom domains for your login email address and don’t let companies such as PayPal and GoDaddy store your credit card information."

Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?