Marhgil pinged me about Xoom’s accounts being easily hacked (I think it’s more like cracked). He explained more about it here on his blog.
Since I have been a regular Xoom user, I was very curious on how this could be done. So, I tried the simple steps he outlined — figure out the login email, figure out the bank account number, and figure out the zip code. Let’s look into how easy it is to find the 3 required data to reset your password.
We’ll use a scale of 1 to 10, 1 being the hardest to figure out and 10 being the easiest.
1) Email Address – if the Xoom Account owner has a webiste or a blog, chances are his or her email account is posted there. This is practically the easiest data to mine on the net. I’ll give this 8 points in the scale.
2) Bank Account Number – I’m not sure if the regular Xoom Account holder adds his or her bank account in their Xoom profile but what’s the likelihood that this person also publishes his or her account number online? Ok, maybe for people who have some sort of business and posts his bank account online, this could be a huge drawback. I’ll give this one just 2 points in the scale.
3) Zip Code – there a good chance you can find a person’s address online, depending on how much info he or she publishes on the internet. Say 5 points?
Adding up all three factors, we get something like 15 out of 30. That’s dead even. Actually, the critical information there is the bank account number. So, it really depends on the Xoom user and for people like me this sure does pose a huge security risk. I tried cracking into my account and was able to do so with Google in less than 5 minutes (without cheating!).
Now, let’s say someone cracked into your Xoom account. What can he do with it? Not much actually. he can change your password and profile but that’s about it. If you send money, you’ll still have to supply and verify your Paypal account ot credit card account.
So there, not a really huge deal for most but it’s all worthy to look into.
*Email dispatched to Xoom support.*
YugaTech.com is the largest and longest-running technology site in the Philippines. Originally established in October 2002, the site was transformed into a full-fledged technology platform in 2005.
How to transfer, withdraw money from PayPal to GCash
Prices of Starlink satellite in the Philippines
Install Google GBox to Huawei smartphones
Pag-IBIG MP2 online application
How to check PhilHealth contributions online
How to find your SIM card serial number
Globe, PLDT, Converge, Sky: Unli fiber internet plans compared
10 biggest games in the Google Play Store
LTO periodic medical exam for 10-year licenses
Netflix codes to unlock hidden TV shows, movies
Apple, Asus, Cherry Mobile, Huawei, LG, Nokia, Oppo, Samsung, Sony, Vivo, Xiaomi, Lenovo, Infinix Mobile, Pocophone, Honor, iPhone, OnePlus, Tecno, Realme, HTC, Gionee, Kata, IQ00, Redmi, Razer, CloudFone, Motorola, Panasonic, TCL, Wiko
Best Android smartphones between PHP 20,000 - 25,000
Smartphones under PHP 10,000 in the Philippines
Smartphones under PHP 12K Philippines
Best smartphones for kids under PHP 7,000
Smartphones under PHP 15,000 in the Philippines
Best Android smartphones between PHP 15,000 - 20,000
Smartphones under PHP 20,000 in the Philippines
Most affordable 5G phones in the Philippines under PHP 20K
5G smartphones in the Philippines under PHP 16K
Smartphone pricelist Philippines 2024
Smartphone pricelist Philippines 2023
Smartphone pricelist Philippines 2022
Smartphone pricelist Philippines 2021
Smartphone pricelist Philippines 2020
eugene aberer says:
My account was closed by XOOM on May 26,2010 and they will not tell me why it was closed except to say I violated there service agreement. The main problem with XOOM is no one will tell you any thing and they do not answer email or return phone calls. The only thing I can say is XOOM and the US Government are alike not user friendly.
Dog training says:
Very interesting… as always! Cheers from -Switzerland-.
Dexter Zafra says:
That’s scary. If your credit card info goes to the wrong hand, better cancel the account right away.