You generally expect that a company that has your personal information — like your address, recent orders, and billing information — is going to treat that data with some level of care. While you know their privacy policy might still allow some sharing for marketing reasons, you don’t expect their customer service agents to divulge it to anyone who happens to call up and pretend to be you. [More]
social engineering
How Social Engineering Fooled Amazon Customer Service Reps Into Sharing A Customer’s Data
By 1.25.16
Fake Boss Wire Transfer Scammers Have Now Stolen $1.2 Billion From Companies
By 8.28.15
All year, we’ve been sharing information about a scam hitting companies all over the world, where very clever and resourceful scammers impersonate bosses and extract money on false pretenses. The best protection against this kind of fraud is education, and while law enforcement are doing their best to let people know about the scam, the number of victims is only increasing, and law enforcement estimates that the scammers have drained $1.2 billion worldwide from businesses’ bank accounts. [More]
Would A Shopping Cart Mirror Showing Your Fat Face Make You Buy More Vegetables?
By 8.30.13 — Updated: 5.15.14
Could you look yourself in the eye, then load your grocery cart up with root beer and ice cream bars? No, literally. Stakeholders ranging from from physicians to grocers want Americans to buy (and eat) more fresh produce and less junk food, but how can they do that without a complete overhaul of the food system? With gentle nudges. [More]
Try These Search Terms If You Want Some Malware
By 6.11.09
Computer virus company McAfee has assembled a list of the top search keywords that are most commonly linked to malware exposure. The winning phrases are: word unscrambler, lyrics, myspace, free music downloads, phelps, game cheats, printable fill-in puzzles, free ringtones and solitaire. In addition, the general categories that are considered riskiest are: screen savers, free games, work from home, Olympics, videos, celebrities, music and news.
Amex Wants To Play "Scam Call" With You, Please Participate
By 3.30.09
Update: It turns out the call was legit.
Reminder: Text Messaging Can Be Used For Scams, Too
By 1.14.09
This story from Jessica is a good reminder that scammers don’t care about the technology, they care about about fooling you. That means they’ll use whatever method is available—in this case, SMS.
Are You Sure You Want To Add That Facebook App?
By 3.27.08
Gregory writes in to point out that Facebook does a lousy job of monitoring the development of its third-party Platform applications—and in fact many of them are written so badly that they can be easily hacked. The examples he cites, which are listed in the winter issue of the hacker magazine 2600, are all fairly mild stunts like spoofing user IDs, changing the moods of another user, and re-routing gifts, “but this information could be used to mount large scale social engineering attacks if automated and coupled with other information.” To illustrate how easy it is to change another user’s settings, he pointed us to a YouTube example of how to change another users “mood” via the Mood app.
