Friday October 23, 2015

The low-tech strategy behind a high-profile email hack


Credit: (CBC)

Listen 7:43

Hackers have gotten pretty sophisticated with techniques to steal people's personal information. But this week, a teen hacker took responsibility for breaking into CIA director John Brennan's email by using a decidedly low-tech strategy called social engineering.

The hacker says he got all the information he needed to resent Brennan's email account by calling up Verizon, and pretending to be another Verizon employee. Brent talks to Brad Carter, who has been low tech hacking since the 1990s, when he formed a group called the "Phone Losers of America" . He runs a podcast, where he pranks people into giving out personal information over the phone, just for kicks. 

He recently tricked a Verizon employee into giving up her unique employee number over the phone. Under CRTC rules, couldn't broadcast that call on our show this week but you can listen to it here.

Carter says one way you can protect your email from being hacked the way that CIA director John Brennan's was is to set up a two-step authentication on your email account, like the kind Gmail offers.