And Drew, phishing I dont think is “most real form of hacking there is” like you say. But I do think that when all else fails, phishing still works and it works quite well, as your friend Mike demonstrated. And yes, it is a huge gap in network security. Lots of manhours and technology are being focused at the problem trying to fix it with stronger authentication, etc. But with dumb employees still in the loop, its a huge uphill battle.

So what is the latest on your friend Mike? I tried a Google search but didn’t manage to find much. Was he released? Charges dropped? and thanks for sharing your thoughts!

I know Mike personally, and I also work tech support in a call center for a large cable internet provider, and the company I work for is very prepared for such calls and prepared against social engineering.

Obviously, the charges against mike was a little more than just “phishing accounts,” in your terms sounds like he just got a couple member usernames. Mike is charged, according to the article, with gaining access to about 50 employee accounts.

Please explain the difference, Pat, between a weakness in a network, and the ability for somebody to social engineer their way to customer financial information. In my opinion, social engineering is the most real form of hacking there is, and the lack of attention that companies put to that aspect of hacking IS quite a large gap in network security.

If Mike Nieves is a stupid kid, and if AOL is among the best protected networks in the world, then how did some “stupid kid” hack into the “best protected network” so easily?

Just Wondering….

Also, no jailtime