http://xato.com/privacy/my-ssn-is-showing Mark Burnetts Windows Security Mon, 01 Dec 2008 20:06:33 +0000 http://wordpress.org/?v=2.5.1 http://xato.com/privacy/my-ssn-is-showing#comment-191 Rev Fri, 02 Mar 2007 17:35:44 +0000 http://xato.net/bl/2007/02/06/my-ssn-is-showing/#comment-191 The last four digits of an SSN is ever Social Engineer's "Golden Ticket". Many companies use the last four digits of your ssn as their primary means of authentication. Even if an account with a utility company or other service provider has been password protected company reps are often sympathetic to customers who "can never remember all of their passwords". The information contained in this email alone may have been enough for an attacker to gain access to your account considering they would now know not only the last four digits of your SSN, but also the name of your financial institution and I would assume your first and last name. (which would be trivial to obtain if not included). The last four digits of an SSN is ever Social Engineer’s “Golden Ticket”. Many companies use the last four digits of your ssn as their primary means of authentication. Even if an account with a utility company or other service provider has been password protected company reps are often sympathetic to customers who “can never remember all of their passwords”. The information contained in this email alone may have been enough for an attacker to gain access to your account considering they would now know not only the last four digits of your SSN, but also the name of your financial institution and I would assume your first and last name. (which would be trivial to obtain if not included).

]]>