I just couldn’t resist writing about this one. It could be described as the “worst of both worlds,” instead of the “best of both worlds.” This is a story that truly made me wonder if scammers can get people to simply give them any sort of information that they might want. And this story starts with a bit of history.
About two decades ago, I started a web design business, including a business domain. I was terrible at marketing, had no budget, and underpriced myself to hopefully gain customers. It didn’t take long to figure out that I much preferred eating to having my own business. And I closed the business.
Recently, as some of you are aware, the FCC opened cell numbers to telemarketing calls. So, thanks to lists that have my cell number from my old domain record, I get several morning calls a week offering me business loans. That’s not too bad. It’s a matter of a few seconds till I can hit 2 to be removed from their calling list. But, this afternoon, I got the gem of gems.
Many of us have gotten those scammer emails about inheritances, gift cards, scholarships, and grants. Today I had one call me from the “US Department of Grants.” In a very thick accent that was heavy enough that she probably wouldn’t ever be hired for phone work, she told me I had won a grant, told me the amount and was ready to grab any info I’d give. I asked her, since I hadn’t applied for a grant, why she was calling me. And she started over again. At which point I suggested scamming must be profitable. No denial, just a hang up. I didn’t tell her that I also doubted a US government office would be calling from a Google Voice number.
I started wondering if that was a random call or she was using my old domain record. And then I saw some interesting information. A Russian Hacker gave Hold Security a list he had collected of names, email addresses, and passwords. He was originally trying to sell it for the Russian equivalent of $.75. Yup, the decimal point is really in front of the 75. That sounds low, right? Even more so when you find out the size of the list: 1.17 billion records. Most are on other lists from breaches, but that still left 272 million “new” records, many in the US. It’s not difficult to get that info.
Between breaches, public records, and what we share on social media, many of us are an open book. My experience should be fair warning to be careful what you share online.