Killer Paid Online Data Broker
Killer Paid Online Data Broker for Material Obtained Through Trickery. (Source: the Washington Post). The quick summary: a stalker who eventually murdered his victim acquired her home address via a company named Docusearch. However, Docusearch didn’t get it via database mining, but through a process they call “pretexting,” but perhaps better known in hacker/cracker/phreaker circles as “human engineering” or the good ol’ “pretending to be somebody else.” In effect, they called the victim’s business associates pretending to somebody else (an insurance rep or some such), and tricked the colleague into giving over the victim’s address.
Perfectly legal. Ethical? Maybe. It’s a tried and true investigative technique employed by private investigators for decades. Two comments:
First, never mind Microsoft’s gaping holes, encryption, blah blah blah. This shows once again that the human dufus at the next desk over is the biggest security risk.
Second, this is an issue of an investigative firm exercising a typical, long-standing investigative practice for a purpose that, unfortunately, turned nefarious. So why is the spin on this article that it was an online data broker?