Skip to content


August 28, 2008

Herbert Thompson is a professor, software developer, author of books on IT security and is chief security strategist of a security consultancy firm in New York.  He writes about how he conducted an experiment to test vulnerabilities of individuals’ banking accounts using data extracted from the Internet: ‘How I Stole Someone’s Identity’

As a professor, a software developer and an author I’ve spent a career in software security. I decided to conduct an experiment to see how vulnerable people’s accounts are to mining the Web for information. I asked some of my acquaintances, people I know only casually, if with their permission and under their supervision I could break into their online banking accounts. After a few uncomfortable pauses, some agreed. The goal was simple: get into their online banking account by using information about them, their hobbies, their families and their lives freely available online. To be clear, this isn’t hacking or exploiting vulnerabilities, instead it’s mining the Internet for nuggets of personal data. Here’s one case. I share it here because it represents some of the common pitfalls and illustrates a pretty serious weakness that most of us have online.  Continue here

It took him just seven steps.

2 Comments leave one →
  1. August 29, 2008 1:08 pm

    Oh my! Really scary, isn’t it?

  2. August 29, 2008 1:30 pm

    It’s a necessary trade-off, I suppose. Goodbye to the privacy we used to know. But it’s useful to know how we could at least secure our bank accounts hehe if it’s the last thing left to secure.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: