Thursday, March 27, 2008

No Patch for Human Stupidity

Situation:Email
Sender: Not recognized
Subject: Nonsense
Body: Link only

Pop Quiz:
A. Click the link
B. Delete the Message
C. Send it to Spam
D. Adjust the Spam filters on the server

If you picked anything but A you are smarter than Bob's co-worker.

What makes people do stuff like this? Why? Would they walk up to a building in a strange neighborhood and open the door and walk in, just because? Are these the same people who go to the wrong address and wonder why the people who they are looking for are not there?

Well to answer those questions I got the brilliant Idea to start a new Honey project. www.honeyspam.com Coming soon. I envision this project as a collection point for surveys where fake spam is sent to co-workers or clients to find out why people are clicking on links in spam, so that we can develop better methods of training.

Tim Krabec
Kracomp.com

1 comment:

Keydet89 said...

I've seen worse...I've seen legal counsel (a) click on the attachment, infecting the entire infrastructure, (b) tell the CIO that he "didn't do anything", and then (c) go tell the CEO that he (Counsel) did, in fact, infect the network.

One time I did get a call from a Senior VP, in which she informed me that the 2 or 3 bits of spam she got a day got to be annoying, so she replied to one of them (all the while saying that she was fully aware that she shouldn't have done so) telling them to stop sending her spam, and over her lunch break she got approx 1700 spam emails. I guess she sort of noticed that 1700 in a few hours is a bit up from about a dozen a week...