RSS
Twitter
Stolen AT&T Credit-Card Info Used To Launch Phishing Scam
from the be-sure-and-thank-them dept
It's not at all surprising any longer to hear about companies leaking data, or losing it to hackers, so the other day's news that 19,000 customers' credit-card information had been stolen from AT&T wasn't particularly interesting. However, some more information has come to light, showing this wasn't a run-of-the-mill credit-card theft. David Lazarus in the SF Chronicle discovered that the hackers didn't immediately go and try to max out the credit cards, they used the stolen info as the basis for an elaborate phishing attack in an attempt to gather more information -- such as Social Security numbers and dates of birth -- from their victims. A lot of credit-card theft remains a relatively low-level crime, where thieves will just try to buy stuff as long as they can. But these hackers eschewed those short-term gains, instead trying to get enough information to commit more serious identity theft, something that could have much longer-lasting and detrimental effects. The used the stolen information to make the email they sent to victims look much more credible than the average "DEAR SIR, Pleease be updating in your PayPal akount informations" message. Given people's growing suspicion of emails, even legitimate ones, it's an interesting tactic, and one that could become more common.
Reader Comments
(Flattened / Threaded)
About time
that people started to understand the credit fraud game...
(reply to this comment) (link to this comment)
pHlounder...
(reply to this comment) (link to this comment)
pHLounder...
You're a fake.
I don't believe anything you write, because I don't believe you are really you. :-P
(reply to this comment) (link to this comment)
pHLounder...
You're a fake.
I don't believe anything you write, because I don't believe you are really you. :-P
(reply to this comment) (link to this comment)
Heh @ 2,3, abd 4
and here I thought the stutter was limited to audible communication.
(reply to this comment) (link to this comment)
Re: Heh @ 2,3, abd 4
rrooffll
(reply to this comment) (link to this comment)
Perfect! Now to really protect yourself just leave your name, SS#, DL#, Mother's maiden name, and Bank acct#'s. I'll take real good care of you. ^^
(reply to this comment) (link to this comment)
woah woah woah woah
"DEAR SIR, Pleease be updating in your PayPal akount informations"
doesnt any one else realize that there a million typos in 1 sentence. i probably already have a million to, but would u give info to a company that spells words wrong??
(reply to this comment) (link to this comment)
Re:
wow u dont get wut he meant when he said that do you?
(reply to this comment) (link to this comment)
Re:
... Are you serious? He was saying that that is the usual crap these scammers spout, and that adding a credit card number makes an email allot more credible.
(reply to this comment) (link to this comment)
This is new?
I mean we've had forgers for a very very very long time.
(reply to this comment) (link to this comment)
Re
duh
(reply to this comment) (link to this comment)
AT&T
AT&T is in on the scam. Follow the money. Even if you do
not have a credit card (if you do cancel it) with them; call and say there has been a mistake in your account and they have sent you a bill for a purchase you did not make.
First thing they will ask you for, even after giving them
an account number(make one up); is your social security number.
(reply to this comment) (link to this comment)
Add Your Comment