Strange as it may seem, this life is based on a true story." - Ashleigh Brilliant
Need to know more?
True blue Scorpio
click to view all
June 2003 July 2003 August 2003 September 2003 October 2003 November 2003 December 2003 January 2004 February 2004 March 2004 April 2004 May 2004 June 2004 July 2004 August 2004 September 2004 October 2004 November 2004 December 2004 January 2005 February 2005 March 2005 April 2005 May 2005 June 2005 July 2005 August 2005 September 2005 October 2005 November 2005 December 2005 January 2006 February 2006 March 2006
Wednesday, February 08, 2006
People never cease to amaze me.
Everyone at work and, likely, everyone in our mother agency (i.e. close to 9,000 people) received a phishing scam at work yesterday. This isn't uncommon - our mail filters knock out a lot but it's impossible to stop them all.
The links, obvious by running the mouse over them and glancing down at the window bottom, went to some cosmec.net site; not Visa. No surprise there, as this is an obvious phishing scam.
Yet, no matter how many times I have told my users that 99% of all such emails are scams, that there is nothing to be done, that online companies will NEVER ask for you to verify your account via email - for the love of all things holy and sacred just delete the goddamn thing - they will still, without fail, flip shit when things like this appear in their Inbox.
One clever fellow pointed out to me that Visa does not have his work email address so this was an "obvious scam". No shit, Sherlock.
One angry employee wanted to know what authorities he could report this "attempted criminal fraud" to, as it was a crime against he and the state. As if we've never gotten such things here at work before, and he's never even heard of a "phishing scam".
I tried to explain that this was not an isolated attack and that the email was likely sent out by a legion of zombie computers rather than a single person. Nothing could be done, it was a minor inconvenience, there were no worries if they knew - as they should - not to click on any of the links. Please, just delete it.
Yes, I could offer up a few places for them to report it, but why open another can of worms?
I shudder to think how many didn't even bother to contact me, but simply clicked on the links and offered up their user names and passwords.
Welcome to my world, eh?