Yahoo gives way to identity fraud

Think about it:

  • Marine was over 18 (legal independent adult in the US).
  • Marine didn’t put in writing that he wanted his parents to have access.

Considering this. Why can’t I have access? There is no report of the parents having a DNA test compared to the remains of the soldier to prove a blood relation. For all that’s known, they are just random people. A persons birth certificate in the US doesn’t contain fingerprinting of parent/child (as it should, and has been argued for about 50 years). Only a legal name of the child, and the parent, plus mothers age. Which often isn’t unique (how many John Smith’s are there). This isn’t to say they are cons. But that there’s no true proof unless there’s a DNA test. It’s rather easy in the US to live under an identity that’s not your own. People do it all the time. Most just to escape creditors, or family. Nothing to evil. But of course some ex-cons do as well just to escape the stigma. Stories of people living under fake identities for decades are not at all uncommon. They get drivers licenses, and all benefits under such identities.

Nor is there legal president that just because your a parent you can get such access. Normally that would go to whom ever the deceased designates. Not just “anyone who asks for it” Typically a spouse.

If that soldier’s bank account didn’t have his parent as a cosign on the account. Guess what. That account’s not going to the parents with just a simple legal proceeding.

This is a big win for any identity scammers. Look through death certificates filed at your local municipality, and go after ISP’s to get email accounts. Then use the email account (and it’s data). Can do all sorts of fun things:

  • pretend to be that person and con people
  • extract passwords, data from stored email
  • submit it to websites to get passwords reset on various accounts

It would be rather easy for someone to show a death certificate and say they are the next of kin and deserve the ability to take the persons identity (which is essentially what getting email is).

This is phishing to a whole new level.

This is of course beside the fact that anyone who emailed the person intended for the email to be received by the individual, not whomever files papers with the court for access. At a minimum Yahoo should have contacted all people who corresponded with the individual and asked if they are ok with being included with this. If I were one of them, I would be rather upset. An email sent is intended for the recipient, unless otherwise stated.

Get ready for some serious abuse of this new power. I’m positive were going to see some new phishing attempts designed to exploit this.

I’m curious why it isn’t this easy to get access to someone’s bank account without being a cosign on the account? What’s the difference? There’s a lot less harm in getting access to assume the persons cash then the persons identity.

Credit to yahoo for giving a CD, not the account itself. But it’s still wrong. This makes fraud all to easy. Now you don’t even need to be smart. You just need to have the balls to file some papers with a court who is way to busy to even read them.

One thought on “Yahoo gives way to identity fraud

Leave a Reply

Your email address will not be published. Required fields are marked *