Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Privacy

Journal: No good deed goes unpunished...

A few nights ago I was reading my email when I got some phish; an email broken English stating that I MUST use their software. (Not included in the email but linked to instead) to access my Monster.com account. Notwithstanding Monster's WAY too lazy security policy on email addresses (I get a few "shipping coordinator" offers a week); something about this piqued my curiosity.

Since I hadn't seen this scam before, and like any halfway decent security professional I was in a machine on a DMZ, I followed the link, which my AV promptly screamed was a virus (go AVAST!), and then I decided to look at the domain hosting it. It was registered to someone in my own city, Seattle, and after five minutes on Google I had a pic of him and his wife not to mention contact info and a home address.

Ok, so here's the moral dilemma: Do I call up the guy whose identity was obviously stolen, or do I let him learn the hard way about personal data security? It's not a quick answer as, he could just as easily say I did it since I had enough skill to perform a whois lookup. We all know how well government officials deal with the intarwebs and its tubes; so I'm not looking to see if he tries to use me to recoup his losses. So what would you do in this situation?

The computing field is always in need of new cliches. -- Alan Perlis

Working...