Warning: Domain name personal data retrieval!
This post is a special edition as this type of data vulnerabilities and scamming risks are significant.
The blog shows how sensitive personal data can be retrieved without authorization, in one of the easiest ways I personally experienced:
-Anyone can type in their browser: http://www.who.is/whois/
-After, from the bottom of the page, the link under “For complete domain details go to” can be easily copied and further use:
-Once the link will be introduced in a web browser (copy and paste), sensitive and complete personal data as shown bellow, will be made available:
Registrant’s full name
Complete email address
Complete home address
Complete phone number
Indeed there is a “no data use” warning posted on the page, but personally I have doubts that this will stop anyone from using this data, (outlined in the red circle).
What someone can do with this data? A scam! Any kind of scam, but mostly it is preferred the domain registration one.
How it works:
A letter will be send on the name and to the address available on WHOIS website claiming to pay the registration fees for your domain name. The expiration date is indicated (it is real) and it is available on the website for anyone.
The same letter will ask the registrant to pay the registration fees for another two years and provide the credit card number and credit card expiration date details.
What would they do with it? The scammer will clone your card and buy products online or from offline stores (such as electronics, computers, jewelries) having the purpose of selling them for cash.
A website address may be a public domain but the registrant’s name, home address, email address, phone number should not be public at all!
To me not the scam itself it is the most concerning but the easiness how sensitive personal data is available to ANYONE on the world wide web !!!
There are never ending discussions about how policies should be like, how new SNS’s features should be like, but do those policies and features help effectively protect many users from privacy intrusion, unauthorized access of personal data, fraud and scams? I am not sure, but what I am sure about is that AWARENESS, EDUCATION, KNOWING which are the risks, and how could be defeated, can protect users from being victims of identity theft, privacy intrusion, financial frauds, access of personal data.
When registering a domain name, one can chose to keep the registration details private, but unfortunately the account comes with this settings set public by default, instead to be set private by default. How many users know about these risks and how to protect against them? In order to get the registration private, some steps should be done which it is not known by many users/registrants.
This post aims to emphasis one more time how vulnerable our private data is on the Internet.
Any questions can be submitted to: firstname.lastname@example.org
Additional information can be found at: www.e-crimeexppert.com
Did you know this scam? Did you know how to retrieve such info? What do you think about the easiness of this method?
Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.
- @k3rstin Hi Kerstin. Im fine thank you. Still in Brussels. Can we collaborate on any project/assignment? Best regards, Dan. 1 year ago
- 6 Essential Tips on How to Prevent Online Shopping Fraud wp.me/p1N1s0-jD 3 years ago
- Cyberbullying wp.me/p1N1s0-jz 3 years ago
- 10 Ways to Prevent Your Identity From Being Stolen wp.me/p1N1s0-jv 3 years ago
- Infographic-Privacy and Security on Facebook wp.me/p1N1s0-jp 3 years ago