French President has his bank account hacked! Is yours next?
As I discussed in an earlier blog hacking is big business today. What started off as a mere game has turned into all out warfare. It seems its victims are sometimes quite famous.
Tom Corelis (Blog) – October 21, 2008 7:15 AM
Swindlers run off with a bit of Sarkozy’s cash
“Swindlers” broke into the personal bank account of French President Nicolas Sarkozy, said a Cabinet spokesman, and made off with a small sum of money.
The incident proves that bank accounts “[aren’t] infallible,” said spokesman Luc Chatel, and that even world leaders are vulnerable to simple bank thieves.
“An inquiry is underway, the President of the Republic has filed a complaint,” he told France’s Radio J, “We will see if there was fraud in a way in which the perpetrators can be sanctioned.”
Details on how Sarkozy’s account was broken into are unclear. An unnamed AFP source “close to the inquiry” called the theft a “classic case of data piracy, likely by one or several low-level swindlers,” and that it was unlikely the thieves were aware of just who the account belonged to.
Officials have “not excluded” the possibility of misconduct by Sarkozy’s bank, noting that they are considering penalties for the “misuse” of Sarkozy’s personal data.
“When one gives personal information to one’s bank, it is not so the information is used for marketing or recruiting purposes, or that it should be divulged here or there,” said the source.
A number of sources report that the break-in may have been the result of an internet scam, and Sarkozy’s office confirmed that Parisian fraud officers are on the case.
It appears that Sarkozy did not unknowingly give away his bank account data. While officials confirmed that the thieves discovered Sarkozy’s account number, it is not known how they obtained his password – or if they even needed it.
I actually saw this posted yesterday on a different site and there was no mention of any money being taken. As in my earlier blog it appears that someone was most likely taken by some form of social engineering. It really is quite easy to do and it often goes unnoticed. Why its so easy is because people not in the know are in charge of too much personal information on accounts held be companies. There is little training and when you call in its easy to trick the person into giving out this personal info.
In fact just last night I was greeted by Microsoft’s counter-measures to this trick:
When Windows Vista was released last year I bought the Ultimate 64 bit version. At the time this seemed like a good choice. Now I wish I hadn’t wasted the money. But during the first few months they were offering a special in which you could purchase 3 additional licenses. This intrigued me and so I took the bait. I installed these extra copies on my wifes computer and a few other computers I had. It was convenient and worked well. Thats until last night when I had formatted my wifes computer and as an option not entered in the serial number. I couldn’t find where I had put the number, it was sent in an email almost 2 years ago! Thanks to Microsoft Outlook and a really poor default option(the one that downloads emails off the server instead of leaving a copy) the email was downloaded to one of my computers before I changed the setting. 2 years ago is a long time for my computers and thus it has been formatted several times since. There goes my proof that I bought the licenses!
So I am calling to get the email resent. I call the support number and was greeted. The person asked my name and then looked up my “file” I asked what information they had on me and then I changed my home address and email address. There was no security. Then I was told for the information I needed I would have to dial another number.
This time I was greeted with security but not told I was. I was asked for my home address and I told them my current. Wrong he said. So I tell them my work address and again I was wrong. I pointed out that no, in fact, you are wrong that is where I live and work! I was to provide the correct address. So I said a 3rd address my old apartment when I was in school. Wrong again! Well now I am told I am out of guesses and that I am violating their security protocols. I was like hmm. Well that doesn’t sound very secure. I pointed out that I am in real estate and finding someones addresses like that isn’t secure at all. Then he said that in fact many people dig through garbage to get this information but I wasn’t “quick” enough with mine.
This all seemed really weird to me. I pointed out the obvious flaws and even offered a solution but alas that is the system they use. I am still waiting for my serial numbers that I paid for. I am hoping a supervisor will sort this out. I was told I would be called in 24 hours. Tick Tock.
I also don’t want Microsoft to have my personal information. I didn’t know they had a file on me nor do I want them to have a file.
