Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Opinion: Tweeted Credit and Debit Cards Spotlight Social Stupidity

There is a saying in the InfoSec world – you can’t patch human stupidity. It isn’t hard to prove that statement depending on the situation, but a new account on Twitter is making the task a simple one. The account, @NeedADebitCard, is re-tweeting people who are openly declaring their intent to share the wealth (what little of it there is) by posting pictures of their debit and credit cards for all to see.

There is a saying in the InfoSec world – you can’t patch human stupidity. It isn’t hard to prove that statement depending on the situation, but a new account on Twitter is making the task a simple one. The account, @NeedADebitCard, is re-tweeting people who are openly declaring their intent to share the wealth (what little of it there is) by posting pictures of their debit and credit cards for all to see.

Complete with names, card numbers, expiration dates, and in some cases CVV code (the security code that appears on a statement or activation letter), the Darwin Award hopefuls seem all to willing to share their respective credit lines.

(Image Blurred by SecurityWeek for Privacy and Security Reasons)

Tweeted Debit Cards

It would be tragic if these images were stolen, or perhaps unknowingly leaked. However, they were intended for the public to see, and perhaps use, because the card owners willingly published the images themselves. Always willing to offer assistance and lulz, some supporters of Anonymous were only too happy to re-tweet some of the more revealing images, as were a few others who are not known for their hospitality.

Most of the images were taken with an awful image service called Instagram, while others were simply uploaded with TwitPic or something similar. Instagram, at the time this rant was written, is at least attempting to help the foolish by deleting the images that contained sensitive information. As for those on other image services, they’re on their own it seems.

There has been talk of legality; questions focused on if the re-tweeting done by NeedADebitCard is in fact a crime. After speaking to those familiar with such issues, it seems that anyone wanting to sue for the re-tweeting has an uphill battle. As they are the reason the card image existed in the first place.

Whoever runs the NeedADebitCard account appears to have done so in order to promote awareness, as the biography section simply states, “Please quit posting pictures of your debit cards, people.”

Most reading this won’t need the advice offered by @NeedADebitCard. In fact, of the images posted and since removed (though they are cached online), most of them were teens.

Thus, while most of the techies reading this know better, it might be wise to explain (rehash) the foolishness of such an act to the kids and significant others who stopped thinking for a brief moment during their financial joy.

The L.A. Times had some interesting stats in their coverage of the dunderheads on Twitter, which puts things into perspective.

“According to the U.S. Bureau of Justice, 8.6 million American households experienced identity theft in 2010, with unauthorized credit card use accounting for much of the increase from the 6.4 million households victimized in 2005. Families lost a total of $13.3 billion, with an average of $2,200 lost per household affected. A 2011 report from Javelin Strategy & Research cited by the Wall Street Journal said social media and smartphone use accounted for recent increases in identity theft.”

In closing, there’s nothing to say. All the advice in the world comes down to a harsh reality. No matter how hard security professionals try, no matter how loud they shout, you can’t patch human stupidity.

Written By

Click to comment

Expert Insights

Related Content

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Privacy

A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying...

Compliance

San Francisco-based privacy compliance and data protection firm TrustArc on Wednesday announced that it raised $70 million in a Series D funding round.