Friday, January 23, 2004

Sign up those visitors!

Yesterday, many of us got spam that gave us a userid/password for a site that none of us had ever heard of. It looked sloppy and poorly written, and we had no idea what the site was going to be. Naturally, the first inclination was to delete it because it had no context whatsoever, so we did.

This morning, we got mail from our site's office manager. Effective next week, all visitors to the building will have to be preregistered using a new Web-based tool. We should all have received email yesterday with our userid and password, without which we'll be unable to bring any guests in. And the best part was the "this mail wasn't spam, so don't delete it" plea.

Fearing the worst, I (and about 250 of the 250 people here) wrote back asking what to do on the off chance we'd deleted this...uh...spam. The response was to go to their site and enter your userid or email address to get the information back out. So I did. Shortly thereafter, I got back my response.

Dear JOSHUA TRUPIN,
Note:
If your are not JOSHUA TRUPIN please delete
this email.
Based on the information you provide us, the following is your
login information:
----------------------------------------
UserName:
[deleted]
Password:
[deleted]
----------------------------------------
To login into Workspeed
you can use the following link:

(And so on.) I like the quaint, all-caps name database. I like the way they have an English-be-damned philosophy to their writing. ("If your are not...", "...you provide us...", etc.) And I especially like the warning: "If you are not JOSHUA TRUPIN please ignore this secret password that gets people into the building!"

More spam. This one came in as formatted below, in the MIME format text/brokenass. It's obvious that they don't even care about crafting a convincing fake note anymore. Where's the craftmanship of old? Where's the 14-year-olds sending me mail saying "run this cool disk utility!" with an attached BAT file that just read "del /s *.*" in it?

-----Original Message-----
From: FDIC [mailto:Handoko_Betsey@excite.com]
Sent: Friday, January 23, 2004 4:01 PM
To: MSDNMag - Wicked Code
Subject: Important News About Your Bank Account

This is a multi-part message in MIME format.

------=_NextPart_000_000F_01C33095.9F84B280
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0010_01C33095.9F84B280"


------=_NextPart_001_0010_01C33095.9F84B280
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

------=_NextPart_001_0010_01C33095.9F84B280
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


<head>
</head>
<body>
To whom it may concern;
<p>In cooperation with the Department Of Homeland Security, Federal, S= tate and Local Governments your account has been denied insurance from= the Federal<br>
Deposit Insurance Corporation due to suspected violations of the Pat= riot Act. While we have only a limited amount of evidence gathered on = your account at<br>
this time it is enough to suspect that currency violations may have = occurred in your account and due to this activity we have withdrawn Fe= deral Deposit<br>
Insurance on your account until we verify that your account has not = been used in a violation of the Patriot Act.</p> <p>As a result Department Of Homeland Security Director Tom Ridge has = advised the Federal Deposit Insurance Corporation to suspend all depos= it insurance on<br>
your account until such time as we can verify your identity and your= account information.</p> <p>Please verify through our IDVerify below. This information will be = checked against a federal government database for identity verificatio= n. This only takes<br>
up to a minute and when we have verified your identity you will be n= otified of said verification and all suspensions of insurance on your = account will be<br>
lifted.<br>
<br>=20
<a href=3D"http://www.fdic.gov=01@202.63.206.88/index.htm">http://ww= w.fdic.gov/idverify/cgi-bin/index.htm</a>
</p>
<p>Failure to use IDVerify below will cause all insurance for your acc= ount to be terminated and all records of your account history will be = sent to the<br>
Federal Bureau of Investigation in Washington D.C. for analysis and = verification. Failure to provide proper identity may also result in a = visit from Local,<br>
State or Federal Government or Homeland Security Officials.</p> <p>Thank you for your time and consideration in this matter.</p> <p>Donald E. Powell</p> <p>Chairman Emeritus FDIC </p> <p>John D. Hawke, Jr. </p> <p>Comptroller of the Currency </p> <p>Michael E. Bartell </p> <p>Chief Information Officer</p> </body> </html>


------=_NextPart_001_0010_01C33095.9F84B280-- 










by



at

































No comments:











Post a Comment







        

      









Subscribe to:
Post Comments (Atom)