As the worldwide web becomes ever more popular, hackers are finding new ways to gain access to everything that they want – including our domain name and social media accounts.
While the details provided in any one account may not seem like much, any information could be dangerous in the hands of today’s hackers. In fact, many of the criminals focusing on web-based accounts will now target the weakest links or “easiest” options in order to get what they really want.
That was recently the case for internet entrepreneur Naoki Hiroshima, who found himself the victim of an elaborate Twitter account theft in January 2014.
His Twitter username, @N, was worth up to $50,000 and he regularly dealt with people trying to buy or steal it.
While Hiroshima was used to resetting his Twitter password, the thieves that eventually took his account actually did so by first hacking into his other accounts – including domain name registrar and web hosting service GoDaddy.
“While eating lunch on January 20, 2014, I received a text message from PayPal for one-time validation code. Somebody was trying to steal my PayPal account. I ignored it and continued eating,” Hiroshima explains in a post on Medium.
“Later in the day, I checked my email which uses my personal domain name (registered with GoDaddy) through Google Apps. I found the last message I had received was from GoDaddy with the subject “Account Settings Change Confirmation.””
When Hiroshima tried to log in to his GoDaddy account, he found it impossible and called the company’s support service. Following the security procedures in place, they asked for the last six digits of his credit card. But the thieves had already changed those details on his account.
“In fact, all of my information had been changed. I had no way to prove I was the real owner of the domain name,” he says.
Online Account Theft Support
After a month of reports to GoDaddy, PayPal, Twitter and various other companies and services, Hiroshima has now got the @N username back, but this story serves as a warning for everyone with accounts online.
Whether it is your PayPal, Twitter, Google or even your web host provider account details, it is important to be aware of the protection available as well as the potential damage a breach brings with it.
Even if security and support services seem strong, there could be ways for hackers to take advantage of them, as Hiroshima’s failed attempt to verify his GoDaddy account details highlights.
Similarly, recent research has shown that password encryption and the security that is supposed to be offered by https sites has been compromised, with authorities now urging people to change all their passwords to reduce the risk of hacking.
Online accounts and resources have become some of the most valuable commodities we have, and it is clear even experienced businesspeople can fall prey to security attacks.
So whether you have one domain name, a hundred, or even just a social media presence, internet security is one of the most important things to check and review regularly.