On Tue, Mar 30, 2010 at 04:29:47AM -0400, [email protected] wrote 1.9K bytes in 49 lines about: : In brief, a directed attack using social engineering was perpetrated : against my domain registrar, Dreamhost, and due to multiple failures on : their part, they granted the attacker access to my account, froze me : out, and hampered my ability to halt the attack.
This is an increasingly successful and common attack. I've helped a number of domain owners better protect their domains after losing them in this manner. Some of these were security companies who should know better. I've encouraged domain owners to setup some sort of two factor authentication (email and phone with a pre-shared passphrase, typically) with their registrar. Apparently people need to be reminded that security in depth has proven itself over time as a sound practice. : I've reported the attack to the local police and the FBI. I'm interested to know if they can and will do anything about it. -- Andrew web: http://lewman.com xmpp: [email protected] pgp key: 31B0974B _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
