How to pwn Anyone

By
Services for Real Estate Pros with IDTheftSecurity.com Inc

Define Pwn: Pwn is a slang term derived from the verb own, as meaning to appropriate or to conquer to gain ownership. The term implies domination or humiliation of a rival. And when it’s done by hacking email, the person is effectively pwned. No matter how “private” you are on the Internet, no matter how infrequently you post on your Facebook page—even if you don’t have a Facebook account—your life can be hacked into as long as you own just one password—and the ability to be tricked.

Such was the case of Patsy Walsh, reports an article at bits.blogs.nytimes.com. She gave a few white hat hackers permission to try to hack into her life, and they accomplished this in under two hours, without even entering her house. She figured it would be next to impossible because she had no smart gadgets in the home and rarely posted on her Facebook page.

The “ethical” hackers, part of a security start-up, quickly found Walsh’s Facebook page (which presumably contained personal information such as her town, since there’s many “Patsy Walsh” accounts).

The scarcely posted-to account, however, revealed that she had liked a particular webpage. Based on that information, the hackers phished her and she took the bait, giving up a password, which happened to be for many of her accounts.

The good guy hackers were then invited into her home where they easily obtained her garage door opener code with the brute force attack, but even scarier, cracked into her DirecTV service because it didn’t have a password. Such a breach means that the hacker could control the TV remotely: Running a porn movie while the homeowner’s grandmother is visiting.

They also found Walsh’s passwords tacked onto her computer’s router. The exposed passwords allowed them to get into Walsh’s and her daughter’s e-mail accounts. From that point they got ahold of Walsh’s Social Security number, PayPal account, insurance information and power of attorney form.

She was probably thinking, “Well of course! They’re professional hackers and I let them inside!” But the hackers also discovered that there were about 20 malicious programs running on her computer. Their recommendations to Walsh:

  • New garage door opener
  • Password for DirecTV
  • Password manager to create unique passwords for all of her accounts
  • Security software always kept updated
  • Two-step authentication when offered
  • A nice lecture on phishing attacks

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.

close

This entry hasn't been re-blogged:

Re-Blogged By Re-Blogged At
Topic:
ActiveRain Community
Tags:
online privacy
online safety
online security

Spam prevention
Submit
Show All Comments
Rainmaker
748,726
Rob D. Shepherd
Windermere/lane county - Florence, OR
Principal Broker GRI, SRES

I guess my 2cans and string phone system is not safe. I will quit writing my passwords under the toilet tank lid. Nothing is safe. Thanks for sharing a real  eye opener.

Nov 27, 2015 10:07 PM #1
Ambassador
4,524,798
Kathy Streib
Room Service Home Staging - Delray Beach, FL
Home Stager - Palm Beach County,FL -561-914-6224

Robert- I'm even concerned about Password Managers because can't they be hacked???

Nov 28, 2015 09:02 AM #2
Rainmaker
3,239,397
John Pusa
Berkshire Hathaway Home Services Crest - Glendale, CA
Your All Time Realtor With Exceptional Service

Robert Siciliano Thanks for the warning about  "PWN"

Nov 28, 2015 09:40 AM #3
Ambassador
3,722,076
Patricia Kennedy
RLAH Real Estate - Washington, DC
Home in the Capital

Rboert, phishing attacks are so easy to fall prey to!  These guys can be sooo clever!

Nov 28, 2015 09:38 PM #4
Show All Comments
Back to Top

What's the reason you're reporting this blog entry?

Are you sure you want to report this blog entry as spam?

Rainmaker
933,414

Robert Siciliano

Realty Security and Identity Theft Expert Speaker
Ping me to book a program for your group
*
*
*
*
Submit