
Yota - or how you can find out everything

All actions in this article are for informational purposes only. All characters of the work are fictional, any coincidence with real people is random.

Introduction


It all started when I read these articles about MegaFon.

  1. How MegaFon got burned on mobile subscriptions
  2. "Mobile content" for free, without SMS and registration. Details of fraud from MegaFon

I was a subscriber of this company for 12 years and never personally ran into these jokes, but what I read led me to decide to change operator.

My choice was not great (MTS, Beeline, Tele2), and I realized that these companies do exactly the same thing as the above-mentioned company. And then it dawned on me that there is a company, and its name is Yota.

But you will say that Yota belongs to MegaFon, and I will answer: let the vicious circle begin.
Everything was fine: I came in, bought a SIM card, and began to use it.

What we are all here for


I needed to change the phone number in my Russian Post personal account.
And I ran into the problem that this number (acquired from Yota) was already in use.

image

I had a question: why? And I remembered that in Yota you can very easily change the phone number directly in the application. Maybe the former owner of my number simply forgot to “untie” it.

Screenshot from the Yota application
image

Curiosity got the better of me and, purely for familiarization purposes, I wondered: would I be able to log in to the account of the person who had this phone number attached?

And I easily received a confirmation code and was able to enter a new password.

Verification code from Russian Post
image

On entering the personal account, we see this "personal information"

image

And here we can see that everything is “lame”: when you change your phone number and forget about some kind of mail, someone can easily receive your “personal information”.

I did not stop at these actions and continued to search.


I decided to simply enter this phone number into the “Find All” search system.

image

And we see the page of the former user of my number.

The link itself gives me a 404 error
image

I easily found the person’s page through the city given to me. Now we know the “personal data”, the VKontakte page and the person’s Steam account.

What could a bad person do with this information?
I will give you the answers.

Let's continue. Everyone knows about the state services portal? Yes, that's exactly what you thought.
Using my phone number and the data that the Russian Post personal account politely provided to me, we will try to restore access to the portal.

By entering the phone number and passport data, I was able to easily restore access to this portal.

And what do we see? We see all the most important documents of this person.

image

And also my phone number (plus this person's email address)
image

Since we now know this person's email address, I decided to see if my phone number is attached to it (spoiler: yes).

Email confirmation code
image

And now we already have the mailbox!

As we know, if we have the mailbox, we own everything that is tied to it. I saw that the mailbox is tied to the following accounts: Blizzard, Google, VKontakte, AliExpress, GOG.

image
the end.

Conclusion


Before changing your phone number, make sure that you have unlinked it from everything you can.

I can’t even imagine what would happen if this information reached attackers or people who know better than I do what to do with it.

Who is to blame? It's hard to say; let's share opinions.
And what would you do in this situation?

P.S. I apologize for all the flaws and spelling errors. This is my first article, so please do not judge too strictly.

Source: https://habr.com/ru/post/458932/

