Forgot your password?
typodupeerror
Privacy

Journal: No good deed goes unpunished...

Journal by Shadowruni
A few nights ago I was reading my email when I got some phish; an email broken English stating that I MUST use their software. (Not included in the email but linked to instead) to access my Monster.com account. Notwithstanding Monster's WAY too lazy security policy on email addresses (I get a few "shipping coordinator" offers a week); something about this piqued my curiosity.

Since I hadn't seen this scam before, and like any halfway decent security professional I was in a machine on a DMZ, I followed the link, which my AV promptly screamed was a virus (go AVAST!), and then I decided to look at the domain hosting it. It was registered to someone in my own city, Seattle, and after five minutes on Google I had a pic of him and his wife not to mention contact info and a home address.

Ok, so here's the moral dilemma: Do I call up the guy whose identity was obviously stolen, or do I let him learn the hard way about personal data security? It's not a quick answer as, he could just as easily say I did it since I had enough skill to perform a whois lookup. We all know how well government officials deal with the intarwebs and its tubes; so I'm not looking to see if he tries to use me to recoup his losses. So what would you do in this situation?

This universe shipped by weight, not by volume. Some expansion of the contents may have occurred during shipment.

Working...