The Major Security Problem Almost None Of Us Are Prepared For

Photo: Courtesy Amazon.
Passwords are notoriously not good at keeping our digital accounts secure, but there's another threat to your favorite online accounts that you may never have imagined: customer service representatives.

You can have a long, inventive password and two-factor authentication switched on, but if someone really wants to get at your bank account, Amazon account, or Apple account (among others), all they need to do is a little Googling and some clever social engineering.

Such is what happened to an Amazon user named Eric Springer. Springer got a strange email notification from Amazon one day that said, "Thank you for contacting us." He reached out, and got access to the online chat transcript. What he read, and realized, blew his mind: Someone had found his contact information and used it to impersonate Springer in a chat with an Amazon representative, gaining access to more of his personal information. The person then used that information across other services, including convincing Springer's bank, to send themselves a new credit card under his name. A similar instance happened again a few months later.

"At this point, Amazon has completely betrayed my trust three times," Springer writes on Medium. "I have done absolutely everything in my power to secure my account, but it’s hopeless." You can read his full story here.

This isn't the first time something like this has happened. A formerWIRED senior staff writer had an even more traumatic social engineering hack experience several years ago. A hacker gained access to his Amazon account, then used that information to access his Apple account, his Gmail, and his social media accounts. You can read about the fascinating nightmare (which, among other things, resulted in the hacker deleting his child's baby pictures when they remotely wiped his Apple devices) here.

Women targeted by Gamergate, such as Anita Sarkeesian and Brianna Wu, have also had to deal with these types of hacking attempts.

What can you do to make yourself less vulnerable to this kind of attack? First, keep your information private — don't share your phone number or home address publicly online anywhere. Second, if you have the ability to use different addresses for different accounts, do it. While Springer's hacker was able to glean his actual shipping address (which matched his bank information) through his chat with an online representative, having a shipping and banking address that don't match is one more hurdle an attacker has to go through. Third, make sure you have email or text notifications turned on for services that involve your credit card or bank account. That way, the moment an unusual transaction occurs, you know instantly, and can deal with it before it escalates.

Being hacked is an unfortunate reality of today's world. It's not a matter of "if," but "when." But with the right precautions in place, and companies (hopefully) getting smarter about protecting consumers, you can minimize the chances of getting hacked, and the negative effects when it does.
Advertisement

More from Tech

You may start to notice your Uber drivers snapping a lot of selfies, but it doesn't necessarily mean that you're riding with an Instagram addict. Your ...
Snapchat CEO Evan Spiegel announced that the company has developed new video-enabled sunglasses, called Spectacles, and will subsequently be rebranding ...
You're at 20,000 feet, and you realize your flight doesn’t have WiFi — which wouldn't be a big deal, except you forgot your book at home, and none of your ...
GENERATION STARTUP presents Women In Tech, an episode of an exclusive web series with footage left on the cutting room floor. The feature documentary ...
It's a sad but true fact that a bad commute — one where you just miss the bus or subway — has the power to ruin your day. More often than not, these near...
When you think of playing a video game, what comes to mind? Is it a raucous game of Wii Bowling when you were in college? Hours spent on your Game Boy ...
If you're a Yahoo user (or ever have been), you'll want to change your password ASAP — and not just on that Yahoo account. Today, the company confirmed ...
(Paid Content) Refinery29 is now on Versy, a messaging and content-sharing app made for busy people like us
There are two types of people in this world: the zero-inbox purists, and the ones with hundreds (or even thousands) of unread messages in their inbox. ...
It may seem like your car hasn't let you down. But apparently, all these years, you've been driving a vehicle suited for the wrong gender. At least that's ...
The iPhone 7 may not be a mystery anymore, but the hype surrounding it is far from gone. Now that we know what it looks like (hello, new camera) and what's...
Without a doubt, dating in 2016 is an art form. If you’re single and looking for love, you know where the scene is. It’s online. (Unless you’ve made it ...
Instagram's latest update includes a tool that's ideal for every perfectionist — or anyone who spends time editing a photo in the app, only to get ...
I was doing my usual routine of scrolling through Instagram while eating my lunch when I saw a truly disturbing image: The now-10-year-old boy I used to ...