Stolen AT&T Credit-Card Info Used To Launch Phishing Scam
from the be-sure-and-thank-them dept
It's not at all surprising any longer to hear about companies leaking data, or losing it to hackers, so the other day's news that 19,000 customers' credit-card information had been stolen from AT&T wasn't particularly interesting. However, some more information has come to light, showing this wasn't a run-of-the-mill credit-card theft. David Lazarus in the SF Chronicle discovered that the hackers didn't immediately go and try to max out the credit cards, they used the stolen info as the basis for an elaborate phishing attack in an attempt to gather more information -- such as Social Security numbers and dates of birth -- from their victims. A lot of credit-card theft remains a relatively low-level crime, where thieves will just try to buy stuff as long as they can. But these hackers eschewed those short-term gains, instead trying to get enough information to commit more serious identity theft, something that could have much longer-lasting and detrimental effects. The used the stolen information to make the email they sent to victims look much more credible than the average "DEAR SIR, Pleease be updating in your PayPal akount informations" message. Given people's growing suspicion of emails, even legitimate ones, it's an interesting tactic, and one that could become more common.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
About time
[ link to this | view in chronology ]
pHlounder...
[ link to this | view in chronology ]
pHLounder...
I don't believe anything you write, because I don't believe you are really you. :-P
[ link to this | view in chronology ]
pHLounder...
I don't believe anything you write, because I don't believe you are really you. :-P
[ link to this | view in chronology ]
Heh @ 2,3, abd 4
[ link to this | view in chronology ]
Re: Heh @ 2,3, abd 4
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"DEAR SIR, Pleease be updating in your PayPal akount informations"
doesnt any one else realize that there a million typos in 1 sentence. i probably already have a million to, but would u give info to a company that spells words wrong??
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
This is new?
[ link to this | view in chronology ]
Re
[ link to this | view in chronology ]
AT&T
not have a credit card (if you do cancel it) with them; call and say there has been a mistake in your account and they have sent you a bill for a purchase you did not make.
First thing they will ask you for, even after giving them
an account number(make one up); is your social security number.
[ link to this | view in chronology ]