Hackers wanting to steal your financial information can do it much easier than many believe. All they need is two bits of data, and you regularly give them out. They need your name and email address, and in a small number of cases they may need your physical address, too.
Considering the amount of companies that ask for this information, it is not difficult to see how financial theft happens online. When it comes to downloading or signing up to anything online, companies will ask for your name and email address; and sometimes this is all they request. Just look at the number of subscription forms where you just need your first name and email to get a free download for example!
The Blaze reports that only the name and email address need to be correct. There are times that a physical mailing address will be requested, but this does not need to be correct. Eric Springer, an Amazon customer, found this out through an automated customer service email sent months earlier. When he received the email thanking him for contacting Amazon, he was surprised and confused because it was something he had never done.
Some people would have ignored the email. After all, how often have individuals been warned of phishing and other email scams. Yahoo reports that one of the most common phishing scams is warning people that their accounts will be deactivated. That prompts them to click the link in the email and log into what they believe is their account. Really, it is scammers who now have your email address and password for an account.
Springer decided not to ignore the thank you email. After contacting Amazon, he realized that someone was trying to steal his financial information. Getting a transcript of the online conversation that had taken place, he found out that a hacker had used his name and email as a way to get through to customer service and gain account information, including his credit card details.
In the transcript, it was clear that customer support tried to protect Springer’s identity. The hacker had requested information about where the latest item was being shipped to, but customer services wanted to know the name, email and billing address first of all. The hacker provided the information, and customer services were none the wiser that this was someone else.
The home address was fake, but was something Springer had previously set up. He says that it is a fake address that he uses to protect some of his financial details. In this case, it turned out that this was not as secure as he previously believed. By using the fake address, the hacker was able to obtain the real address. This would then lead to other serious financial information being stolen.
After realizing the issue, Springer escalated his complaint within Amazon and made sure they acknowledged their precautions are not foolproof. The company may have changed things already, or it may be that Springer has made up the whole thing.
Gizmodo’s Alex Cranz attempted to recreate the problem, but Amazon saw through her scam. She’d provided an old address that was in the public domain, but Amazon customer services wanted to talk to her on the phone before they verified everything. She believes that the scam may work with some representatives, but others may get a representative who is a bit more wary.
People need to be wary of the information they give out to companies, and still need to watch out for phishing scams. They also need to look through all emails and do their research into them. One email could be the sign that someone wants to steal your financial information with just two pieces of personal information.
[Featured photo by Chung Sung-Jun/Getty Images]