Hacker reveals how he social engineered his victims


Romanian hacker Marcel Lazar known as Guccifer (great alias) plead guilty this week in the United States. He was charged with unauthorized access to protected computers and aggravated identity theft. As part of his plea he discussed how he broke into accounts using only social engineering.

How Lazar gained access to Romanian politician's email:

Lazar claims that he broke into Cretu's Yahoo email account after guessing the answer to her security question: The street where she grew up. First he found the name of the primary school that she attended on her public Facebook page. Then he methodically tried out street names close to Cretu's childhood school until he found the right one, correctly assuming that she attended a school close to her home.

Something to consider when filling out those password recovery prompts. It might be best to have some fake answers or intentional misspellings memorized.