Account Hack: Anyone Can Be a Victim

by lg0p89

Any account can be hacked.

The attacker may use a password-cracking tool, a rainbow table, or other means to gain access.

On a simpler level, the attacker may simply guess the password from social media clues.  The motivation for this may be political (Sarah Palin's email account), for military intellectual property (a certain fighter plane), to gain access to a celebrity's email (Madonna and her stolen album), or a myriad of other reasons.

These breaches can be mundane or malicious.

Recently, I was the victim of the latter with one of my PayPal accounts being compromised.  I quite frankly have no idea how he would have acquired my passcode.  The websites visited are not exciting or on the fringe.  This account was only used twice in the distant past.  Prior to this, I had not had an issue.

Background

In March of 2015, I received an email from PayPal.

This was a bit unusual due to this account not really being used.  The only other emails that had been received had been when the account was opened and one or two other occurrences.  Initially, I thought this was yet another phishing attempt and expedition.  Everyone receives these from various sources from across the planet.

After review of the header and the IP, it was determined this actually was from PayPal.  The email stated that my account had been limited.  With this being one of the PayPal accounts, I thought it was due to lack of use and did not think much of it.

The next day, I received the same message from PayPal, which was strange.  The same authentication method was used for the second email, which was also truly from PayPal.

Another week brought a new message indicating my address had changed to:

25883 North Park Ave. - Unit A24509
Elkhart, Indiana

To ensure this was from PayPal, the email was authenticated.  I have driven through Indiana, stopped occasionally, but do not know anyone living there.  What also piqued my interest, other than the obvious, was that the unit number was unusual.  It appeared this was not a suite or a unit from a multi-unit building due to the format.
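
The header and IP review mentioned above can be partly automated. The following is an added example, not the author's own method or code: it reads the Authentication-Results and topmost Received headers of a raw message and trusts only results stamped by the recipient's own mail server. The message, the paypal.example domain, the mx.home.example server name and the function names are constructed for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed message: the receiving server (mx.home.example) recorded failures; the sender forged a passing header.
SPOOFED = """\
Received: from relay.invalid (relay.invalid [203.0.113.7]) by mx.home.example; Tue, 10 Mar 2015 09:00:00 -0500
Authentication-Results: mx.home.example; spf=fail smtp.mailfrom=paypal.example; dkim=none; dmarc=fail header.from=paypal.example
Authentication-Results: forged.invalid; dkim=pass header.d=paypal.example; dmarc=pass header.from=paypal.example
From: "PayPal" <service@paypal.example>
"""

def within(domain, parent):
    """True if domain equals parent or is a subdomain of it (relaxed alignment)."""
    domain, parent = domain.lower().rstrip("."), parent.lower()
    return domain == parent or domain.endswith("." + parent)

def parse_authres(value):
    """Split an Authentication-Results value into (authserv-id, {method: (result, props)})."""
    parts = [" ".join(p.split()) for p in value.split(";")]
    authserv = parts[0].split(" ")[0].lower()
    results = {}
    for part in parts[1:]:
        pairs = re.findall(r"([\w.-]+)=(\S+)", part)
        if pairs:
            results[pairs[0][0].lower()] = (pairs[0][1].lower(), dict(pairs[1:]))
    return authserv, results

def check_sender(raw, trusted_domain, my_authserv_id):
    """Return (verdict, connecting_ip) for a raw message claiming to be from trusted_domain."""
    msg = email.message_from_string(raw, policy=policy.default)
    from_domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2]
    # The topmost Received line is written by our own server; lower ones are sender-controlled.
    received = [str(h) for h in msg.get_all("Received", [])]
    ip = re.search(r"\[([0-9A-Fa-f:.]+)\]", received[0]) if received else None
    ip = ip.group(1) if ip else None
    # Trust only Authentication-Results stamped by our own server; any other can be forged.
    for value in msg.get_all("Authentication-Results", []):
        authserv, res = parse_authres(str(value))
        if authserv != my_authserv_id.lower():
            continue
        dkim, dkim_props = res.get("dkim", ("none", {}))
        dmarc = res.get("dmarc", ("none", {}))[0]
        aligned = within(dkim_props.get("header.d", ""), trusted_domain)
        if within(from_domain, trusted_domain) and dkim == "pass" and aligned and dmarc == "pass":
            return "authenticated", ip
        return "failed", ip
    return "unverified", ip
```

A verdict of "unverified" means no header from the named server was present, so the message carries no evidence either way and should not be treated as genuine.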

Nerdy Sherlock Holmes

Anyone would be somewhat interested in what was going on with their PayPal account, but the fact pattern made this more curious.  At this point, I knew the PayPal account had been compromised and also knew something had to be done.  If this person was willing to do this to me, anyone else would be fair game.  This would be inherently unfair.

As much as Google is criticized, it is still a fantastic tool to gain information.

The first step was to find out what was at the address.  This would answer a few rudimentary questions first, which would limit the scope of my further investigation.  If it were to be a residence, I would be able to get his/her cell phone numbers, email addresses, landline numbers (if applicable), where they work, their spouse's and children's names, and other creepy information.

The address turned out to be the site of Viabox.  This entity provides a U.S. address and post office box.  This allows anyone, living anywhere on the globe, to receive mail that they normally would not be able to receive, as there are firms that don't ship outside of the U.S.  I am sure all of their clients are completely law abiding and are not using the service to bypass or circumvent the applicable laws of the U.S. and respective states.

Viabox was contacted and informed of the circumstances later that day.

The representative at Viabox emailed back that they were sorry to hear about this and they work closely with "...several authorities to prevent fraudulent activities..."

The response appeared to be a bit canned, as if this was not the first time they had received an email like mine.  The fun aspect of this (for me) was I was able to secure the box owner's name (Firman Aulia) from Jakarta, Indonesia and his email address (firmanthole555@gmail.com).

The company thankfully stated, "We have sent a heads up on this with our Management and will cease shipping to this customer moving forward."

Summary

Technology is your friend.

If someone elects to try and harm you, there are many ways to track them.

Using basic social engineering, packet tracing, and other rudimentary tools, anyone is able to get the attacker's name, physical address, and where they are using their computer from.
