Recently, someone in my office (of ~60 people) created a parody Twitter account of me. So I decided to figure out who it was.
First, the parody profile:
The quickest way to find out who’s behind all this is to do what all “hackers” out there do. Claim you forgot your password and see if you can glean anything from the limited amount of information the website gives.
Keep in mind, this method is what most identity thieves use to gain information about you. They will have something small (like your account number), call the hotline, claim they forgot the PIN, and socially engineer the customer service representative into giving up any information they have on you. Once they collect it, they will simply call in again and use the information they just received to “verify” their identity.
In this case, it would be a largely (but not completely) redacted email account:
Now, from here we can guess that the email in question would be firstname.lastname@example.org because that is the Twitter handle. From a quick trial and error, we find that Gmail account doesn’t exist. Next, we try (to our amazement) email@example.com to find that our prankster didn’t take the time to make the email more cryptic:
This leads us to a screen asking when the account was created. We can logically assume that the Gmail account was created right before the Twitter account was, that is to say: today (June 2017).
This answer leads us down a path which asks us to confirm our cellphone number so it can send a code.
This is the point where having a small office helps. I know it must be one of my office mates (long story there), and of the ~70 folks, I can immediately rule out half of them given their personality and aversion to technology.
A simple search through our company’s database yields two phone numbers that end in 46. From here, I could tell exactly who it was since one of them started very recently and doesn’t know me too well and the other is known for his prankster side. Usually, here is where I would stop, but I decided to confirm exactly who this was, so I entered the phone number that I suspected was wrong to get the following screen:
Next, I tried the number for the guy I did suspect: