Orange’s insecurity, and the immobile face of Paris (Hilton)
- Simon Willison: Social engineering and Orange
I had a call on my mobile earlier today from a lady claiming to be from Orange (my phone service provider) who told me that my contract was about to expire. She asked me for my password.
Alarm bells instantly went off in my head, so I told her (truthfully as it happens) that I didn’t know my password. Then she asked for my postcode instead.
At this point I was pretty sure this was a social engineering attack, so I started to quiz her about why she needed the information. She said it was for a “security check”. I told her I was uncomfortable giving out information like this to a cold caller over the phone and she said it was nothing to worry about because it was all covered by “the data protection act”.
A very weird experience for Simon Willison being phoned *by Orange*. And it could very easily be a con - the call came from a “mobile” number..
- Paris Hilton doesn’t change facial expressions
An animated GIF of many photocalls with the DIY porn video heiress at the centre. Weird but true. Viewing may cause epilepsy, or regurgitation, or just slack-jawed amazement. No, you have to look at the web page. Work-safe, but turn the volume down first.
- These posts might be related (the database thinks..):
- The dramatic news from the Apple Expo: Phil Schiller is *funny*! (31 August 2004; score: 41.29%)
- Walt Disney's mind. What was it like, exactly? (8 January 2008; score: 28.51%)
- Mac mini: my review at The Independent (9 February 2005; score: 27.61%)
![[Valid RSS]](wp-includes/images/valid-rss.png "Validate my RSS feed"){kind=small}
November 14th, 2005 at 9:45 pm
ISTR writing a net.wars about the need for two-way authentication between banks/companies and their customers.
First Direct used to do this. They’d call and say, “Let me take you through security.” And I’d say, “You’ve got to be kidding.” The first few times, I had to spell out for them why what they were doing was such a bad idea. Now, they give you a number to ask for if you call back.
I usually tell them to just send me a letter.
wg