(Domain) Identity Theft…

I read an article in IT week about David Airey who had his domain stolen. There’s a summary of it here.

 Apparently this is occuring a lot and is being done in a rather clever way. David was logged in securely to his Gmail account but had another browser tab open which had insecure data within it, the script ran in the insecure window and pilfered his details from his Gmail account including details of his domain. The hacker then waited until David posted a blog to say he was going on holiday at which point the hacker then stole his identity and took over the domain (presumable freed the domain and then grabbed it).

David returned from holidays to find his domain gone and that he was losing business. The hacker got in touch to demand payment. David didn’t pay up but rather blogged about his experience and got the domain returned by the ISP.

The interesting thing for me here is how subtle the scam was and how it used a combination of different technologies. I’m sure there is a lesson there for all of us.

About willwoods
I'm Head of Learning and Teaching Technologies in the Institute of Educational Technology at the Open University.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: