Who is “Gary Jones”? An investigation into how a hacker may have stolen nude photos for a “revenge porn” site:

Is it really so easy to hack a Gmail account? See for yourself: Go to the Gmail login screen and click on the frequently ignored link underneath the sign-in menu, ‘Can’t access your account?’ Three options appear; choose ‘I forgot my password.’ Type in a Gmail address—any active Gmail address—and if there’s a phone number associated with the account, you’re given three more options, one of which is ‘Get a verification code on my phone.’ You don’t even need to know the phone number. Just hit ‘continue’ and an unrelated six-digit code will appear in a text to the account owner’s phone. Type in that verification code—a number easily obtained by a masquerading e-impostor—and you’re in. The first thing you’re prompted to do is immediately change your password, thereby blocking out the original owner.

In other words, if a hacker knows only your Gmail address and can figure out how to access your phone, he’s already most of the way into your shit.

“‘Gary Jones’ Wants Your Nudes.” — Camille Dodero, The Village Voice

More #longreads from Dodero

Friends: We Need Your Help to Fund More Stories

We want to dramatically increase our story fund this year, but we can't do it without your support. Every dollar you contribute goes to writers and publishers who spend hours, weeks, and months reporting and writing outstanding stories. Now is the time to join us.
Become a Member