
Re: Identity Theft




On 2021-12-21 5:23 p.m., tv.debian@googlemail.com wrote:
> On 21/12/2021 at 16:20, Richmond wrote:
>> Jeremy Ardley <jeremy@ardley.org> writes:
>>
>>> On 21/12/21 9:59 am, rhkramer@gmail.com wrote:
>>>> On Monday, December 20, 2021 02:28:13 PM Brian wrote:
>>>>> On Mon 20 Dec 2021 at 10:32:31 -0500, rhkramer@gmail.com wrote:
>>>>>> My identity has been stolen, and although it has nothing to do with
>>>>> [...]
>>>>>
>>>>> May we know the URL of the financial website you contacted and the
>>>>> help number you phoned.
>>>> The website is troweprice.com, and the phone number is 855/654-5324.
>>>>
>>>> It looks like I didn't record the actual URL that I was on, but I
>>>> don't think
>>>> you could see that exact page in any case as it was an https page
>>>> and one that
>>>> showed my account numbers and balances.
>>>>
>>>
>>> There is a type of attack called cross-site scripting (XSS). It's
>>> mostly been eliminated by latest version browsers, but there are
>>> always zero-day vulnerabilities.
>>>
>>> The effect is that if you are vulnerable and have two tabs open, one
>>> to the legitimate site, and one to a bad guy site, the bad guy can
>>> alter your trusted site and for instance change a valid link into
>>> something malicious, or change a displayed phone number.
>>>
>>> More at https://owasp.org/www-community/attacks/xss/
>>
>> That doesn't explain how the phone log showed the correct number had
>> been dialled. I suppose it is possible a call was in progress or came in
>> at the exact moment that the number was dialled. But then how did the
>> number get logged as a call?
>>
> 
> One possibility is that the target (recipient of the call) company's
> internal communication network was compromised. That happens quite
> often, not as much as mail servers but it is still not unknown.
> 
This was a pretty popular form of hacking from the 1980s up to the mid-2000s.
As soon as there were automatic exchanges, people found ways to act on them,
and the more programmable they were, the more hacks happened. Call
redirection is not unheard of, and it is not because there are new ways of
hacking that the old ones stop being used.


-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development
