After reporting on companies getting hacked, Fusion reporter Kevin Roose wanted to find out exactly how devastating it would be to have one’s online identity and information stolen. So he asked two computer security experts – Chris Hadnagy of Social Engineer and Dan Tentler of Phobos Group – to hack him. Kevin’s video report on his experience is a legit scary movie.
As his company’s name implies, Chris hacked Kevin not by using malicious software but simply by asking around. They asked people, such as Kevin’s Internet provider, his phone company, and they asked the Web, such as Kevin’s social media accounts. In the end, Chris had a 13-page file on Kevin, which included vital information such as Kevin’s Social Security number. The cherry on top of this rekt sundae? One of Chris’ colleagues accessed and modified Kevin’s cellphone account just by talking to an agent over the phone and pretending to be Kevin’s wife. Again, all without using a bit of malware.
Dan, on the other hand, did use malware, and basically turned Kevin’s life into an episode of Mr. Robot. He stole all of Kevin’s passwords, hacked Kevin’s webcam so he could watch or take pictures anytime he liked, and even sent messages using the text-to-speech feature on Kevin’s computer. Of course, Kevin should have known better than to click on a pretty obvious phishing e-mail.
Watch Kevin’s report or read his article on Fusion for more of this scary story.
The methods used to theoretically ruin Kevin’s life were not novel or complicated. But that’s exactly why we should be more vigilant and obey the basics of computer security. And tape over our webcams. Seriously, screw webcams. That was creepy as hell.