If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Global Geopolitics)   We've absolutely no farking idea if you're one of 1.2 billion users who had their ID stolen by Russian hackers, but hey, we set up this new company where we'll let you know if your accounts appear in hacker databases for only $120 a year *wink*   (glblgeopolitics.wordpress.com) divider line 38
    More: Followup, Russians, user ID, smartphone apps, siphons  
•       •       •

1285 clicks; posted to Geek » on 07 Aug 2014 at 11:29 AM (19 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



38 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest
 
2014-08-07 08:48:51 AM  
Sounds like a newfangled protection racket to me.
 
2014-08-07 11:12:02 AM  
So you sign up and they ADD you to the hacker database only to say "see we were right!  keep paying us to keep you safe...".
 
ZAZ [TotalFark]
2014-08-07 11:30:40 AM  
Hi, my name is Drew Curtis. Could you send me my stolen passwords so I can find out if I need to change them?
 
2014-08-07 11:30:53 AM  
"Yes, they do appear in the hacker database.  Now."
 
2014-08-07 11:38:07 AM  
Your blog sucks.
 
2014-08-07 11:38:31 AM  
So it's like the online version of LifeLock.. Where is Montel Williams at?
 
2014-08-07 11:40:08 AM  
Just type your credit card number in right here and we'll check to see if they are stolen. Keep in mind, we'll also need you expiration dates and CID off the back to be sure.
 
2014-08-07 11:41:52 AM  
I signed up and paid already. I'm feeling very safe now.
 
2014-08-07 11:43:13 AM  
I love how many of the other media articles on this incident went on and on how people have such insecure passwords, and then made the comment that the security breach was likely not password-based.
 
2014-08-07 11:47:27 AM  
What a scam. I KNOW my passwords are in safe hands with that nice Nigerian prince who emailed me
 
2014-08-07 11:55:52 AM  
Eventually, attacks like this will be treated like acts of war and be treated as such.
 
2014-08-07 11:56:51 AM  

RoxtarRyan: Eventually, attacks like this will be treated viewed like acts of war and be treated as such.


FTFM
 
2014-08-07 12:00:00 PM  
Can we please start linking to source content rather than these bullshiat regurgitators?  Holy fark.
 
2014-08-07 12:19:43 PM  
Your blog sucks.

Info on the guy who broke the news and why the price tag is there:  http://www.jsonline.com/business/debate-swirls-around-security-expert - alexander-holden-b99325583z1-270240091.html
 
2014-08-07 12:22:38 PM  
I keep getting password reset requests and "first login" emails for a game I haven't played in years, so i'm probably on there, go me!
 
2014-08-07 12:30:58 PM  
My take on it, an email I sent to my clients.

I'm sure you have all seen this in the news. The company that "discovered" this is
Hold Security [ http://www.holdsecurity.com/ ] I question their
validity. As you can see from the link above, their website does not
support encrypted connections. If you try to connect to
https://holdsecurity.com you will error out. Odd for a security company.

They refuse to release any information on the alleged breach, while
assuring us that it has been verified by an independent security expert
that they also refused to name.

There are not CERT notifications on this alleged breach
[https://www.cert.org/]

If you want to err on the side of caution, change your passwords.
 
2014-08-07 12:38:08 PM  
I keep waiting and waiting for someone to log into all my accounts and start paying my bills, but so far no luck.
 
2014-08-07 12:43:52 PM  

Odoriferous Queef: My take on it, an email I sent to my clients.

I'm sure you have all seen this in the news. The company that "discovered" this is
Hold Security [ http://www.holdsecurity.com/ ] I question their
validity. As you can see from the link above, their website does not
support encrypted connections. If you try to connect to
https://holdsecurity.com you will error out. Odd for a security company.

They refuse to release any information on the alleged breach, while
assuring us that it has been verified by an independent security expert
that they also refused to name.

There are not CERT notifications on this alleged breach
[https://www.cert.org/]

If you want to err on the side of caution, change your passwords.


So... we shouldn't crack open our neighbours skulls and feast on the goo inside? Or... perhaps you're a hacker and you don't want us changing our passwords!

Hah, just kidding. As if we'd change our passwords even if this was for real.
 
2014-08-07 12:45:37 PM  
i wasn't going to send them anything until they said "wait there's more" and they will protect my credit cards and house keys....so much for so little.
 
2014-08-07 12:46:02 PM  
I think I'll wait a little bit -- I bet someone will steal Hold Security's database within a couple of weeks.
 
2014-08-07 12:50:31 PM  
verkoren.files.wordpress.com
 
2014-08-07 12:59:07 PM  
Slaxl:
So... we shouldn't crack open our neighbours skulls and feast on the goo inside?

Skull goo is quite tasty. Add a little garlic butter.

Or... perhaps you're a hacker and you don't want us changing our passwords!

Crap. My plan has been unveiled!
 
2014-08-07 01:00:47 PM  

Dwedit: [verkoren.files.wordpress.com image 476x94]


Whoa, a popup ad from the days of dial-up...

"Click on the monkey to win a $25 Walmart gift card!"
 
2014-08-07 01:03:59 PM  
In other news, a processing center got breached again.  Just had a 'new card' notification sent out to me today, when I called to clarify they let me know. :(
 
2014-08-07 01:08:56 PM  

DeathByGeekSquad: In other news, a processing center got breached again.  Just had a 'new card' notification sent out to me today, when I called to clarify they let me know. :(


It amazes me that our country is so damn slow to move to the credit cards that require PINs and are more secure. As long as someone physically has the card, or at least has had temporary access to it to get the 3 digit number off the back, all they need to do is sign the slips "Santa Claus" and they can buy whatever they want.
 
2014-08-07 01:19:21 PM  
We just moved to Office 365 and I have been bombarded with junk mail for the last few days. Hard to tell what to blame.
 
2014-08-07 03:08:00 PM  

GameSprocket: We just moved to Office 365 and I have been bombarded with junk mail for the last few days. Hard to tell what to blame.


I wish I never signed up to LinkedIn. Stupidest thing ever, and now I get nothing but business junk mail.
 
2014-08-07 03:36:28 PM  

RoxtarRyan: Dwedit: [verkoren.files.wordpress.com image 476x94]

Whoa, a popup ad from the days of dial-up...

"Click on the monkey to win a $25 Walmart gift card!"


But the monkey didn't seem that fast.....
 
2014-08-07 04:21:00 PM  

Slaxl: GameSprocket: We just moved to Office 365 and I have been bombarded with junk mail for the last few days. Hard to tell what to blame.

I wish I never signed up to LinkedIn. Stupidest thing ever, and now I get nothing but business junk mail.


I get very little junk from LI. I've been pursued/recruited several times through linkedin, and one competitive offer resulted in a counter from my current employer that has me $50k over when I started here (which was already a good bump from the previous place). Linked in has cost me about negative $150K so far. Seems ok to me.
 
2014-08-07 04:24:43 PM  

Nogrhi: So you sign up and they ADD you to the hacker database only to say "see we were right!  keep paying us to keep you safe...".


Yup, pay them 120/year and give them the email addresses and passwords you use for sites. It's totally safe, they won't give it to anyone.
 
2014-08-07 04:43:17 PM  
"If they are fresh credentials for important services like online banking, they are ripe to be used to siphon money from online accounts."

Who the _frak_ have written that garbage? IDs and passwords are _completely_ useless for "siphoning money from online accounts". Every single online account have one-time pads, either electronic or a farking card printed in plastic, or at the very farking least an sms confirmation service.

There is no bank in the world you can steal money from knowing only login-password and not having in your personal position a physical thing - one-time pad or sim card.

And if there is, they should lose all their money and then be executed on the spot.
 
2014-08-07 05:22:42 PM  
Well depending on where you look there's somewhere between 2.4-2.9 billion people online.

That means that's about a 50/50 shot anyone coming in is actually vulnerable.  Since a lot of the website that were hacked were major Western companies, this offer probably does cover a huge portion of the vulnerable population, so it's not that far off base.

Whether or not their protection is worth $120 is probably another story...
 
2014-08-07 05:31:57 PM  

PhilGed: Well depending on where you look there's somewhere between 2.4-2.9 billion people online.


Yeah. And people have, on average, 10 to 15 passwords, I guess.

Your mail password and your banking password, fark password and some forum password and then there is, of course, steam password and WoW password and that another game you've played, and facebook password and once you got drunk and registered on youtube to comment so here comes another...

1 billion accounts means probably, like, 500 people total. :))))
 
2014-08-07 06:28:53 PM  
1. get a password manager
2. change your passwords periodically (meaning every few months)
3. check your accounts periodically

If you must use a card, have a separate account with minimal funds.
 
2014-08-07 07:55:50 PM  
So... pay us squirrely info sec guys $10 and give us your passwords so that we can tell you if squirrely info sec guys have gotten their hands on your passwords. Oh lawdy. Sign me up.
 
2014-08-07 08:44:48 PM  
we should be sending agents to these farks and fark them up. This is BS extortion.
 
2014-08-07 09:09:19 PM  

Mega Steve: What a scam. I KNOW my passwords are in safe hands with that nice Nigerian prince who emailed me


I hate to break it to you, but he's just screwing with you. I already sent my bank information and three installments of $500 for his money. You got played, fool.
 
2014-08-07 10:36:43 PM  

rogue49: 1. get a password manager
2. change your passwords periodically (meaning every few months)
3. check your accounts periodically

If you must use a card, have a separate account with minimal funds.


Yeah, because Gator 1 2 3 4 5 was such a safe, trustworthy and reliable password manager.

Password managers/lists are a big juicy target for hackers.  Phishing is usually faster and more reliable, though.  People are dumb and will use the same password for dozens of websites.  Get them to start a new account to download X, and you probably have their same password for every major payday location.  Or not really.  Good scammers use email and/or the old-fashioned telephone to get money from the ignorant, uninformed, and the elderly.

One of the largest and most successful current (5+ years) scams involves callers from Mumbai that claim to be from Microsoft.  Your machine is infected.  They will walk you through how to see the error codes on your machine, how to allow them to connect, so that they can "fix" it, and now your machine must be unlocked from the "virus."  Pay $X to unlock and fix your PC, and these "heroes" can save the day.  From the lock that they sweet-talked the victim into installing in the first place.
 
Displayed 38 of 38 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report