It can't be account takeover because new address would be nominated by fraudster. Maybes post-facto detection of data entry errors?
-
-
-
@patio11 IME, most people just don’t think of others’ actions in threat models. That that hasn’t been selected out yet is oddly beautiful.
End of conversation
New conversation -
-
-
@patio11 The threat they're guarding against is "insurance company refuses to pay out because they didn't take steps to verify addresses". -
@patio11 The fact that the steps taken were ineffective doesn't matter. Security theatre is enough to protect the insurance payout. - 1 more reply
New conversation -
-
-
@patio11 Business address change in Austria can be done by simple E-Mail. Confirmation letter only to new address. It boggles.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@SamuelHulick@patio11 unless there is more problem with registering at an unauthorized address. -
@SamuelHulick@patio11 This is the threat model many governments with obligatory address registration use to combat forged registrations - 1 more reply
New conversation -
-
-
@patio11 identity fraud where you would use someone elses address (and hopefully name) to do shady things. But they want to be polite.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@patio11 Trust-based threat model.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.