I bet by now you should know the power of spoofing your MAC Address. MAC address can actually be changed directly from Windows but the easiest way is to just a free program called Technitium MAC Address Changer. To change your MAC address, run the program, click the Random MAC Address button followed by the Change Now! Mar 18, 2013 Hey guys what is up, Its KonzoleGamingHD here with an awesome video on how To hack into someone else's computer an do what ever da hell you wanna do to it, i will explain more about it and what it. Feb 01, 2018 Despite what you see on TV and in movies, it's not like you can just press a few keys and pull up a lot of things, or hack into someone else's computer in a few seconds. It takes a fair amount of. Oct 15, 2015 MAC addresses are unique – sort of. A MAC 1 address, or “Media Access Control” address, is a unique 48-bit number 2 assigned to every network interface. If your computer has multiple network interfaces – say both a wired ethernet port and a wireless network adapter – each interface will have its own MAC address. In theory, it’s unique. In theory, every network card or network.
My Amazon account was recently hacked, and I was NOT thrilled when I discovered this unfortunate problem. I’m going to share how I discovered my account was hacked, what I did about it, how it was resolved, and what you can do to secure your personal accounts. I will write another article about making our systems more secure for our customers.
On December 27th at 9:36pm ET, I received this very helpful email from Amazon (email addresses changed):
Here’s the problem: I didn’t change my email address, in fact, I hadn’t used my Amazon account since I purchased my green-screen a few weeks ago. How did my email address change without my interaction with Amazon, and even more curious: who the heck is “[email protected]”??
I immediately attempted to login to Amazon with my email and password that I had been using… and no luck. I couldn’t access my account. What about Alexa? Could I still configure my Echo devices? I grabbed my iPhone and opened the Alexa app and was not greeted by the standard Alexa features, but rather this login screen (image modified to hide the email address):
Are you kidding? I couldn’t control my Echo devices, and also the home automation things that were connected to them. This was not going to get better, only worse… so I quickly searched for a phone number for Amazon Customer Service. Have you ever looked for the customer support phone number on Amazon’s web site? it is IMPOSSIBLE to find, because it’s not under “Help” or “Customer Support”. It’s hidden at least three clicks from the home screen, and even then, I still couldn’t find it… but I’ll help you with this pro tip: Bing has the Amazon Customer Support phone number listed as a quick result.
Strike one for Amazon customer support
I’ve been hacked and felt like they didn’t want to help me because they hid the information I needed to get help to fix it.
On the phone, I selected an automated menu to “get help with logging in to my account”. The customer service rep, Christine, was very friendly and asked me for my email and home address in order to work with me to get access to my account.
I think we found our problem… Christine only needed these two pieces of information to get me into my account? No password? No mobile phone? No other piece of information? What’s keeping someone from finding my email and home address from a database and calling to take over my account?
Strike Two for Amazon customer support
Booga booga hacks mac. They EASILY give out your information without any personally identifiable information to confirm who you are on the phone.
Christine could not find my Amazon account with my email address, because obviously the attacker had changed the account’s email address to “[email protected]”. I gave Christine THAT email address along with my home address and was able to access my account. I told Christine that I didn’t request the email change and that I did not make any purchases or use any services since that email change. Spotify app mac with downloading. Christine took steps to freeze my account by removing purchasing capabilities, my credit cards associated with the account, and prevented anyone from logging in to the account. She told me that the case would be referred to their “fraud department” and I could call them in the morning to discuss next steps.
Reflecting on this call with Amazon: I now know that the attacker changed my email address on the account but did NOT change my billing address or shipping address. What if they changed one of those fields? Would I have been able to recover my account?
The next morning I called Amazon customer support and requested to speak to their “fraud department” about my problem. I was told “there is no ‘fraud department’ and that a ‘customer account specialist’ would get back to me in a few hours about my problem.”
Can Someone Hack My Mac And Add A Profile AccountStrike Three for Amazon Customer Support
What happened? Head basketball hacked mac. What changed? Why doesn’t the Amazon customer support department know if they have a fraud department or not? I don’t know, but the lack of a formal and well-defined fraud department in the largest online retailer scares me.
Can Someone Hack My Mac And Add A Profile Page
I asked to speak to a supervisor to get to the bottom of this problem. The supervisor asked me if I had been accessing my Amazon account over an insecure wireless network like a coffee shop or an airport. No. no, I had not been traveling in months, and I do not do any shopping on insecure networks. I found the suggestion that I was at a coffee shop using Amazon to be slightly presumptuous, but didn’t pursue it. The supervisor went on to explain that I would receive an email in the next few hours with instructions to recover my account. Once again, no personally identifiable information was requested. no request to confirm a recent purchase or the last four digits of one of my credit cards that was on file. They only needed “my email address” What’s keeping an attacker from calling and complaining about this same thing and giving their evil-doer email address instead?
I waited the required amount of time, and sure enough the following email arrived with the details of my account recovery:
This email leads to more questions:
Disappointed, I waited my designated five hours and went back to the Amazon website and clicked through the “Forgot Password” link on their sign-on page.
Forgot Password Link
Can Someone Hack My Mac And Add A Profile Picture
Clicking that forgot password link prompted me for my email address or mobile phone number.
I thought I had my phone number registered with the account, but my email address worked to trigger an identification email to my preferred email address. What bothers me is that “Customer Service” link at the bottom. If you click that, you’re prompted to call a 1-800 number for customer support… <sigh>
After keying in the six-digit code that I was sent, I finally had control of my account again. The first thing I did was set up two-factor authentication to limit my future exposure. This took a bit of a search, as the two-factor capabilities are not promoted or very visible on the Amazon site.
How to Configure Two-Factor Authentication with Amazon
I recommend everyone set up two-factor authentication for Amazon and any other service that offers this capability. Here are the steps to add this extra-security measure to your Amazon account:
1. Login in to your account, and click the “Your Account” button on the right side. On the resultant screen, click the “Login and Security” button in the top middle.
2. Click the “Edit” button next to the last item on this screen, labeled “Advanced Security Settings”
3. On the next screen, you can choose to authenticate with a phone or an authenticator app. I strongly recommend you choose the authenticator app, as the phone authentication sends a text message that COULD be intercepted if someone really wants to get into your account.
Two Factor Configuration
There are several authenticator applications available for iOS, Android, and Windows Phone devices. I recommend you choose either the Google Authenticator app or the Microsoft Authenticator app for their ease of use and configuration. They both offer the same capability of taking a picture of a QR Code, like the one in the above screenshot, and generating codes for you automatically. My Microsoft Authenticator app on my iPhone looks like the following:
Just click the plus symbol in the top-right corner to add a new account, and choose the “Other Account” option to add your Amazon account.
Authenticator Account Type
The app opens the camera and you can point your phone at the QR Code shown on the screen, and Amazon with your email address will be added to the main screen. The next time you login to Amazon, you will be prompted to key in this 6-digit number after your password.
Amazon does do an interesting thing on devices that don’t support a secondary prompt for this code. The service will reject your password, and you will need to key in your password with the six-digit code appended to the end. If my password is “SuperSecret” and my authenticator displayed the 871255 code as shown above, I can then use the password “SuperSecret871255” to access Amazon services.
Summary
Attackers are out there, trying to get access to any and all information related to spending or personally identifiable information. Among their motives: they want to resell your identity, they want your credit cards, and they want access to services as you so that they can send phishing emails to everyone on your contacts lists. Protect your accounts by setting strong passwords, use a password manager like LastPass or 1Password, and configure two-factor authentication everywhere it is available like Google Mail, Amazon, Outlook.com, OneDrive, and GitHub. It’s easy, fast to do, and will make your accounts much more secure.
Featured image courtesy of MaxPixelComments are closed.
|
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |