+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
General Chat Thread, How i lost my $50,000 twitter username in General; How i lost my $50,000 twitter username i think this is ridiculous, security should be 1000000 x better, wouldn't expect ...
  1. #1

    Join Date
    Dec 2013
    Posts
    13
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0

    How i lost my $50,000 twitter username

    How i lost my $50,000 twitter username

    i think this is ridiculous, security should be 1000000 x better, wouldn't expect it from paypal.

  2. #2

    featured_spectre's Avatar
    Join Date
    Nov 2008
    Posts
    12,504
    Thank Post
    1,684
    Thanked 2,054 Times in 1,491 Posts
    Blog Entries
    2
    Rep Power
    464
    That is a good read. Definitely wouldn't expect that from a company such as paypal.

  3. #3

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,214 Times in 761 Posts
    Rep Power
    395
    I would. I stopped trusting PayPal a long time ago. Thery tout it as a safer way to buy but you actually have fewer consumer protections when buying something via PayPal then just buying it on credit card. Even if you have 2FA enabled they allow you to bypass it with security questions, and many of their security questions are the sort of "mothers maiden name" rubbish (the answer to which is on public record, for crying out loud. Pro tip: use made-up answers to these that only you know).

  4. #4

    X-13's Avatar
    Join Date
    Jan 2011
    Location
    /dev/null
    Posts
    9,839
    Thank Post
    669
    Thanked 2,188 Times in 1,493 Posts
    Blog Entries
    19
    Rep Power
    900
    Quote Originally Posted by AngryTechnician View Post
    Pro tip: use made-up answers to these that only you know
    This is what I do. Hasn't caused any problems so far. [I'm surprised I remember them...]

  5. #5

    AMLightfoot's Avatar
    Join Date
    Feb 2011
    Location
    Hampshire, England
    Posts
    2,253
    Thank Post
    427
    Thanked 671 Times in 417 Posts
    Rep Power
    273
    This article horrified me. I actually feel sick now.

  6. #6

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,529
    Thank Post
    527
    Thanked 2,648 Times in 2,049 Posts
    Blog Entries
    24
    Rep Power
    925
    That's horrendous. I hope Paypal and Godaddy sort it out and compensate him, and that Twitter recover his handle!

  7. #7

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,521
    Thank Post
    1,532
    Thanked 2,639 Times in 1,827 Posts
    Rep Power
    814
    I have to have a whole scenario in my head - my mum's name, where I went to school etc etc in order to remember the fake securit answers
    It works though

  8. #8

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,442
    Thank Post
    701
    Thanked 2,302 Times in 1,063 Posts
    Blog Entries
    23
    Rep Power
    678
    Unfortunately consumer security must apply to lowers standards than those we are used to in IT.
    Besides, who uses GoDaddy and surely they had a backup of their work off-server.
    I would have gone 'nah' kept the Twitter tag and sorted it all out with PayPal and GoDaddy. You can get there eventually, especially if you have an evidence trail.
    Besides, if their Twitter tag has been extorted out of them then surely it would be easy to recover it legally and prosecute (if possible) those responsible.

  9. #9

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,529
    Thank Post
    527
    Thanked 2,648 Times in 2,049 Posts
    Blog Entries
    24
    Rep Power
    925
    Quote Originally Posted by Dos_Box View Post
    Besides, who uses GoDaddy and surely they had a backup of their work off-server.
    They have 31% of the market with ICANN - by far the largest share. So, a heck of a lot of people do it.

    I would have gone 'nah' kept the Twitter tag and sorted it all out with PayPal and GoDaddy. You can get there eventually, especially if you have an evidence trail.
    Besides, if their Twitter tag has been extorted out of them then surely it would be easy to recover it legally and prosecute (if possible) those responsible.
    Indeed. I'd guess this would be a case for the FBI to deal with!

  10. #10

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    3,217
    Thank Post
    943
    Thanked 645 Times in 504 Posts
    Rep Power
    288
    GoDaddy has a market share because their service is fast, acceptably cheap, and easily accessible. I use them!

  11. #11
    Tesla's Avatar
    Join Date
    Nov 2013
    Location
    Milk 'n' Beans
    Posts
    1,356
    Thank Post
    163
    Thanked 270 Times in 197 Posts
    Blog Entries
    1
    Rep Power
    84
    Very good read, what worries me is that the attacker knew about the workarounds, so must have been done before to other users.

  12. #12
    d0pefish's Avatar
    Join Date
    Jul 2012
    Posts
    341
    Thank Post
    0
    Thanked 117 Times in 38 Posts
    Rep Power
    68
    I'd have thought with those emails showing he was extorted in to it that would be proof enough (OK I know emails can be faked, but in this case to what gain). He could also draw on the proof of credit card details being changed, account info being changed to prove it was extorted.
    With this being in the US (I assume) he'll no doubt sue the relevant companies and make money.

    Plus, the username wasn't technically worth $50k. It might have been at that point in time one person offered him that amount, but surely it is only worth what someone is willing to pay at the present time.

  13. #13
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    982
    Thank Post
    103
    Thanked 117 Times in 102 Posts
    Rep Power
    74
    This isnt a new flaw either, this article from 2012 had the same entry point: How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab | Wired.com Amazon gave out the last 4 credit card digits and apple took them as proof.

  14. #14
    CAM
    CAM is offline

    CAM's Avatar
    Join Date
    Mar 2008
    Location
    Reigate Area, Surrey
    Posts
    4,428
    Thank Post
    884
    Thanked 416 Times in 316 Posts
    Blog Entries
    61
    Rep Power
    328
    Hmmm, and there was me thinking of moving most of my online life to my own domain. I better check with CSN as to how attack-proof I am. :/

    Just updated my SOA TTL to a week...
    Last edited by CAM; 29th January 2014 at 02:44 PM.

  15. #15

    Danp's Avatar
    Join Date
    Jul 2011
    Posts
    1,467
    Thank Post
    78
    Thanked 170 Times in 150 Posts
    Rep Power
    148
    Not quite the same money involved, but I had 100 domain names 'stolen' from me in a similar scam about 5 years ago lost the domains and the money



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Lost my NAS?
    By El_Nombre in forum Wireless Networks
    Replies: 10
    Last Post: 21st October 2008, 11:38 AM
  2. LOST MY DRIVE
    By sunpush in forum Hardware
    Replies: 4
    Last Post: 7th October 2008, 12:18 PM
  3. How to move my Domain
    By button_ripple in forum Windows Server 2008
    Replies: 2
    Last Post: 12th July 2008, 11:09 PM
  4. They lost MY laptop *cry*
    By greenfieldsupport in forum General Chat
    Replies: 30
    Last Post: 23rd November 2007, 11:19 PM
  5. Lost my serial
    By CyberNerd in forum *nix
    Replies: 2
    Last Post: 30th June 2006, 02:27 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •