[Pauldotcom] Username Check
xgermx
xgermx at gmail.com
Mon Oct 27 19:09:30 UTC 2008
No way to know for sure I suppose, but there are easier (see: cheaper)
ways of harvesting usernames.
2008/10/27 Dan McGinn-Combs <dgcombs at gmail.com>:
> Are they really checking or simply *collecting* usernames themselves. Looks
> like a nifty toy to do that with.
>
> On Mon, Oct 27, 2008 at 9:09 AM, xgermx <xgermx at gmail.com> wrote:
>>
>> http://www.usernamecheck.com/ is a simple website that shows where you
>> have a username registered (checks against 75 different sites). To a
>> normal web user, this probably seems bengin, but from the attacker POV
>> this is gold.
>> Pauldotcom - registered on 13 sites, that leaves at least 62
>> opportunities for social engineering.
>> _______________________________________________
>> Pauldotcom mailing list
>> Pauldotcom at mail.pauldotcom.com
>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> Main Web Site: http://pauldotcom.com
>
>
>
> --
> Dan McGinn-Combs, Security+, GSEC, CISSP, CISA
> dgcombs at gmail.com
> Grand Central: +1 404 492 7532
> Peachtree City, Georgia USA
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
More information about the Pauldotcom
mailing list