Tracking The Use Of Leaked Consumer Data
Tracking the Use of LeakedConsumer DataTina Yeung & Dan SalsburgOTech FTC Office of Technology Research & Investigationwww.ftc.gov/OTech research@ftc.gov#IDTheftFTC
What Happens to Leaked Credentials?Research question:When consumer credentials are made public,does anyone use them?Goal:Design and conduct a study that tracks the attempted useof stolen consumer credentials#IDTheftFTC
Study of Credential Use1. Create 100 consumer accounts2. Post account data publicly3. Track use of data#IDTheftFTC
Fake Customer Data1.2.3.4.5.6.NameAddressPhone numberEmail addressPasswordPayment mechanism Credit card numberOnline payment accountBitcoin wallet#IDTheftFTC
Posting of Fake Customer Data#IDTheftFTC
Posting One vs. Posting Two Same data, posted twice Different format and time of dayPosting 1: 100 viewsPosting 2: 550 views(Picked up by Twitter bot)#IDTheftFTC
Monitoring of Data Usage Monitored for about three weeks– Week before Posting 1 (Pre-study control)– Week after Posting 1 (Week 1)– Week after Posting 2 (Week 2) Logged––––Email account access attemptsPayment account access attemptsCredit card attempted chargesTexts and calls received by phone numbers#IDTheftFTC
Time Before First Unauthorized Access AttemptPosting 1Posting 21.5 hours9 minutes#IDTheftFTC
Total Unauthorized Access AttemptsNumber of Attempts12001108100080060040020001191Pre-StudyWeek 1Week 2#IDTheftFTC
Unauthorized Access Attempts by Account Type100%90%80%70%60%50%40%30%20%10%0%Email ServicesCredit Card NumbersPayment Accounts#IDTheftFTC
Account Activity#IDTheftFTC
Number of AttemptsEmail Account Access Attempts by eek 1Week 2#IDTheftFTC
Email Access Attempts by Unique IP AddressesNumber of Unique IPs30252015105012345678910Number of Attempts11121314 44(Likely underestimates access attempts)#IDTheftFTC
# of Unique IP AddressesGeolocation of IPs Used in Access Attempts50454035302520151050IP AddressesSuspicious IP Addresses*IP Country of Origin*IP addresses identified as suspicious by a freely available service#IDTheftFTC
Credit Card Purchase Attempts Max: 2,697.75, at a clothing website Total amount within two weeks: 12,825.53– Includes multiple payment attempts– Includes preauthorization charges Noteworthy attempts:– Online dating service– Pizza place– Hotels#IDTheftFTC
Amount Attempted per Charge160Number of Charges140120137Identified 110#IDTheftFTC
Number of ChargesCharge by 311#IDTheftFTC
Additional Thoughts If you post it, they will use it Paste sites should be monitored by email andpayment service providers Two factor authentication provides some protectionagainst stolen credentials Merchants should consider refusing seriatimpurchase attempts#IDTheftFTC
Future work Analysis of email spam, text spam, andphone calls received by fake consumeremail accounts Posting of consumer data in other ways thatmight attract different types of thievesHave relevant research?www.ftc.gov/OTech research@ftc.gov#IDTheftFTC
Contributors Sheryl RothPhoebe RougeJoe CalandrinoAaron AlvaJustin BrookmanPhillip Miyo Nicole DavisAaron KaufmanAmber HoweBiaunca MorrisJonathan AidAnne Blackman#IDTheftFTC
Fake Customer Data . 1. Name 2. Address 3. Phone number 4. Email address 5. Password 6. Payment mechanism Credit card number Online payment account Bitcoin wallet . #IDTheftFTC . Posting of Fake Customer Data . #IDTheftFTC . Posting One vs. Posting Two Sam
leaked update fortnite, leaked updates animal crossing, leaked update, among us leaked update, acnh leaks updates, minecraft leaked update, modern warfare leaked update, gta 5 leaked update
May 02, 2018 · D. Program Evaluation ͟The organization has provided a description of the framework for how each program will be evaluated. The framework should include all the elements below: ͟The evaluation methods are cost-effective for the organization ͟Quantitative and qualitative data is being collected (at Basics tier, data collection must have begun)
Silat is a combative art of self-defense and survival rooted from Matay archipelago. It was traced at thé early of Langkasuka Kingdom (2nd century CE) till thé reign of Melaka (Malaysia) Sultanate era (13th century). Silat has now evolved to become part of social culture and tradition with thé appearance of a fine physical and spiritual .
On an exceptional basis, Member States may request UNESCO to provide thé candidates with access to thé platform so they can complète thé form by themselves. Thèse requests must be addressed to esd rize unesco. or by 15 A ril 2021 UNESCO will provide thé nomineewith accessto thé platform via their émail address.
̶The leading indicator of employee engagement is based on the quality of the relationship between employee and supervisor Empower your managers! ̶Help them understand the impact on the organization ̶Share important changes, plan options, tasks, and deadlines ̶Provide key messages and talking points ̶Prepare them to answer employee questions
Dr. Sunita Bharatwal** Dr. Pawan Garga*** Abstract Customer satisfaction is derived from thè functionalities and values, a product or Service can provide. The current study aims to segregate thè dimensions of ordine Service quality and gather insights on its impact on web shopping. The trends of purchases have
Chính Văn.- Còn đức Thế tôn thì tuệ giác cực kỳ trong sạch 8: hiện hành bất nhị 9, đạt đến vô tướng 10, đứng vào chỗ đứng của các đức Thế tôn 11, thể hiện tính bình đẳng của các Ngài, đến chỗ không còn chướng ngại 12, giáo pháp không thể khuynh đảo, tâm thức không bị cản trở, cái được
Le genou de Lucy. Odile Jacob. 1999. Coppens Y. Pré-textes. L’homme préhistorique en morceaux. Eds Odile Jacob. 2011. Costentin J., Delaveau P. Café, thé, chocolat, les bons effets sur le cerveau et pour le corps. Editions Odile Jacob. 2010. Crawford M., Marsh D. The driving force : food in human evolution and the future.
