Sep
18
How to hijack social media accounts without any hacking required
Facebook, LinkedIn, Twitter and any number of smaller social networks we don’t even know all seem to suffer from the same problem: ignoring the fact that domains cease to exist.
Only just today, I’ve spotted mail from LinkedIn to many accounts in over a dozen spamtrap domains. Twitter likewise, and Facebook, even more. I imagine that having control of these email addresses, I could “reset password” in all of those accounts if I wanted to, and therefore gain control over most of them (if they aren’t using two-factor authentication, such as that LinkedIn offers). How is this in the interest of the social networks or the account owners?