Technology

Extortion Over $50,000 Twitter Handle Sets a Chilling Precedent

Former Staff Writer
2 min read

Twitterverse, take heed: The caché of possessing a highly sought-after Twitter handle has apparently escalated to the extent that hackers are now prepared to extort users for access to their usernames.

The California web developer Naoki Hiroshima, for instance, says he was offered as much as $50,000 for his account, @N, while attempts to steal the name were recurrent. In a post published today, he recounts the cunning and systematic machinations that ultimately forced him to relinquish @N after a hacker compromised both his PayPal and GoDaddy accounts.

Hiroshima had registered @N back in 2007. His new handle? @N_is_stolen.

Related: The Only Thing Scarier Than Self-Driving Cars Are the Hackers Waiting to Attack Them 

Initial attempts to access the account were fairly pedestrian. A hacker contacted Hiroshima through Facebook messages asking him to change his Twitter login info, and then e-mailed Twitter in an attempt to reset the email address and password.

When Twitter demanded more information, the hacker set his sights on Hiroshima’s GoDaddy account, which comprised various domain names that he’d paid for with a credit card attached to a PayPal account. Here’s where it gets scary: The hacker later admitted in an email to Hiroshima that he’d simply called PayPal and “used some very simple engineering tactics” on one of its agents to obtain the last four digits of Hiroshima’s credit card over the phone.

Related: Uh, Did Your Refrigerator Just Send Me an Internet Virus? 

Then, in order to poach the GoDaddy account, the hacker told a GoDaddy agent that, “I had lost the card but I remembered the last four.” In a terrifying turn, the agent then allowed the hacker to simply guess the first two digits of the card number -- all that was needed in order to gain complete access to Hiroshima’s domains. “I got it in the first call,” the hacker later admitted -- part warning, part boast. “Most agents will just keep trying until they get it.”

According to Hiroshima, the experience sets a chilling precedent: “To avoid their imprudence from destroying your digital life,” he wrote, “don’t let companies such as PayPal and GoDaddy store your credit card information.”

Related: Target's Security Breach Stresses the Need for Better Cyber Security

More from Entrepreneur

Dustin's experience and expertise can help you monetize your message, build a marketing strategy and connect with influencers.
Book Your Session

In as little as seven months, the Entrepreneur Authors program will turn your ideas and expertise into a professionally presented book.
Apply Now

Are paying too much for business insurance? Do you have critical gaps in your coverage? Trust Entrepreneur to help you find out.
Get Your Quote Now

Latest on Entrepreneur

My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.