Here is just another reason why it is not a good idea to litter the web with your personal information - intentionally or otherwise.
It is amazing how the bits of information available here and there on the web makes it easy for someone’s identity to be compromised. Social networking sites like facebook, myspace and the likes make it way too easy for the identity thieves to gather as much information as they like from the individual’s profile, especially the unsuspecting who think what harm could there possibly be in posting their pictures from times immemorial to mentioning about their likes, dislikes, favorite movie and what not!
Have a think about the secret questions to your bank account, especially if one of them is the pet name mentioned on your orkut profile.
October 5th, 2008 at 7:26 am
Yes i do agree and have a think about special feauture “hide profile visit” that orkut think is good.Using this feature a user can view profile of somone without knowing his victim,oh yes i know orkut says while hide profile visit feauture is on u can also not see who has visited yr profile.
Now even a kid who isnt very good in terms of hacking skills can use this tricky feauture to spy on his victim profile and poor victim would never know who visited his profile.,then he can visit victims friends profile and read personal information and by linking small pieces of information for example scraps,scraps of friends,hobbies and as ipabla said name of yr pet being choosed by you as yr bank secret answer can used to clean yr bank balance over night.So i request to everyone who is reading never provide personal details on web unless you are sure who would have access to information and how your personal details would be protected.Identity Theft is a smart weapon that hackers are using nowadays to gain financial benefits.
Two common tricks that can be used to gain personal information and are in use in developing countries such as India,sri lanka but not limited only india and srilanka,following tricks can be used in developed countries also
1. someone obtains your mobile number from the register of levis/any retail store where u bought your jeans and left feedback and signed the book.
then someone rings u and claim>hey we have got a package from ICC bank/bank of america(social enginers can use any banks name) and we need to confirm your name and address please.
Now people here in india most of the time give up their details not because people are stupid here that is because people arent aware of scams and identity theft at large scale only few educated people here knows the importance of protecting privacy,Other reason is this indians love to invade privacy of each other lol just joking but it is true that habbits make big difference in life,specially the way u think.
second common trick is free pizza
get a phone number from any social networking site(trust me u would find bag full of stupid people who call themselves smart even when they display their mob numbers on social networking sites)
ring ring hey its me baldev/harry from desi pizza/dominos pizza shop lol do u have anyone in your home with a name that starts with letter “D”(remember u already know who have got name that starts with D because u have seen the profile of your stupid victim on orkut/facebook)
haan jee/yes we have but why do u want to know?
That is because dominos pizza shop is running a promotion of the day and we are giving free pizza’s to every one in this area who has his/her name starting with “D” but you would have to confirm your name and address over phone and on delivery on pizza you must show a valid proof of adress.
Now I dont want free pizza but i feel sorry for those who would like to eat free pizza.
Cheers
Tarun Dhalwal(soon i would have my own blog on social engineering and other important security issues.)