One of the big stories going around now is about VP candidate Sarah Palin’s Yahoo email account being “hacked”. As it turns out though her email account wasn’t really hacked. The person who broke into her account used social engineering to reset her password so they could access it.
This is a perfect example of the problem I blogged about back in January with using real information for your security questions. If Sarah Palin had not used real information when answering the Yahoo email security questions her email would not have been compromised by someone guessing her security questions. Also keep in mind, Yahoo gives the same secuirty question challenges to everyone. So if I want to social engineer my way into your email account I already know which security questions to start researching.
About Jason