On Monday, I did something incredibly stupid. Something that I've never done before and will never, ever do again. It's something that I'd laugh at normally, in a nasty har-har-you-asked-for-it kind of a way. And in a moment of extreme credulity, I did it myself.
I got a spam email sent to me on Monday. Because I've been fiddling about trying to improve my spam filtering (now back in place and working better than ever) it wasn't picked up as spam. But it was HTML only. Usually, I delete HTML email immediately (I generally use mutt to read my email, and view any HTML stuff with w3m), but I opened it, peered at it glowing in my console window, faithfully filled in my ICQ Number, my ICQ password and hit submit.
D'oh.
Words can't describe the sheer panic and helplessness I felt moments later. And to compound matters, I didn't have an ICQ installation available that was capable of changing the password.
I eventually had to improvise by hunting out a Windows box and installing the ICQ lite alpha and changing it from there. There's a helpful little message on the ICQ website: "Be Careful: Never enter your ICQ password on any site other than the ICQ Web site."
Fortunately, my ICQ password is very old and one I've not used for anything else in years, so any potential further damage is somewhat limited... I'm not even sure what I sent was recorded as the ISP looked as if they'd taken down the page (although I don't know for sure). But at least I managed to change the password before I was locked out and that's the main thing... 8)
But I've certainly learnt a lesson in there somewhere...
Oh, wait ... what I meant to say was this ...
Greetings to you,pardon me to introduce myself in so informal a
manner. I
wish to seek your assistance in a project I will
reveal to you shortly. My name is COL.ZAKARI BUBA of the
Democratic Republic of Congo. I was a close friend of the former
President of the Democratic Republic of Congo LAURENT KABILA of
Blessed memory, may.
While LAURENT KABILA was still alive he secretly confided in me to take some funds abroad to keep in a secret account, which will be used to fight opposition forces back home in the Congo. He gave me Fifteen Million United States Dollars (US$15,000,000.00) cash to go
with. but a day before I was schedule to travel out of Congo, we heard that President Laurent Kabila had been shot by his aide (Col.Rasheidi Karesava).
For you to claim a portion of these funds, please give me your ICQ number and ICQ password.
(I sent this message in order to have your advice)
No, I wasn't drunk (not drinking is an important aspect of the diet, for one thing!) or otherwise operating on reduced faculties. I was multitasking at the time, but even so I don't usually operate quite so much on autopilot. It's just that for whatever reason I missed every single one of the dozens of "stop! warning!" signs on the way.
Anyway, when something appears in a console window, devoid of other cues (bad frontpage design, big text, etc.) it simply looks more plausible.
Maybe another reason was that although I've read about these techniques before, I've never actually been hit with one myself over email. I'd never have responded to an IM asking for my password, nor someone phoning me up - but over email? I'm so used to "activating" stuff over email, I didn't really give it a second thought.
Anyway. It happened to me, and I got away with it. I was lucky. At least I realised what I'd done as soon as I'd done it.
Think of it as a cautionary tale - I'd never have thought I was susceptible to this form of attack till it happened... So don't be too complacent yourself 8)