I happened upon this post by Naoki Hiroshima over at The Next Web today and it did hit home, especially because I am a Google Apps user, just like Naoki.
The quick summary is this: A rather smart individual wanted his @n Twitter account. Rather unique I’m sure you’ll agree. In order to get it, the hacker made a series of smaller social engineering hacks at Naoki’s domain registrar and payments provider. Shocking. But incredibly, incredibly effective.
Here’s the first para:
I had a rare Twitter username, @N. Yep, just one letter. I’ve been offered as much as $50,000 for it. People have tried to steal it. Password reset instructions are a regular sight in my email inbox.
As of today, I no longer control @N. I was extorted into giving it up.
It’s prompted me to address how I’m handling a lot of my activities online. Not that anyone will be after my @ew4n Twitter account. I had to stick in the ‘4’ because that lucky chap Ewan Spence got there before me!
Does anyone have any advice on the best domain name registrar to use?
And is it worthwhile getting a registrar with two-factor authentication?