Thursday, February 20, 2014

So, I thought I was smarter than this...

Have you ever been driving along and come up on a sign stating Bridge Out Road Closed 2 miles ahead, you look down the road, straining your eyes, you see nothing, and the signs are there but you can drive through or around the barrier and think to yourself, "oh I can get through because the barriers aren't not preventing me from getting through!"  Yeah, their are two reasons they don't block off the road, 1) for the residence that may live down the road and 2) so that road crews can get through to fix the road!  Not for the ignorant soul who wants to save the 3-5 minutes of a detour!  Obey the Warning Signs!!

Earlier this week I received and email from a colleague.  The email wasn't anything out of the ordinary on the surface, busy day trying to get through 100+ emails in 5 minutes, so I was not being overly cautious as I was reading through them.
Sneaky Sneak Trolling....
So this one pops up with the following message and attachment.  Given my job there are numerous times a month I receive an email with an encrypted file that requires a password to be able to view.  Typically these are encrypted .pdf files that have another email with the password for the file attached.  Yes, that should have been my first warning sign something was awry!

So I click on the link and get directed to a Microsoft Office Outlook Web Access.  At first I was taken aback, (warning sign #2!)  But for some reason my brain rationalize, hey they sent you the email so this must be legit, I even check the email two more times looking for a password to enter thinking my email and the password included in the email would work and I have had legit messages like this in the past.  There was no password, so like a dummy I go back to the web page, never checking the webaddress and voluntarily put in my password.
Looks Legit, Likely Is!

Incorrect Username/Password (WARNING SIGN #3!!!!), I enter it a second time, Incorrect Username/Password, and my brain figuratively and likely anyone walking by my office could attest, literally exploded.  I had been duped, if I were driving through all the warning signs, I literally would have driven off the bridge that I believed was there but all the signs were clearly pointing out that it wasn't.

I freely put in my username/password to what is likely a spam/information grab from a very clever individual, albeit a criminal.

In the next couple of minutes other staff members were stopping in my office asking about emails they were receiving from this same individual and the clues started to align and what should have been obvious to me from the very beginning was becoming clear as day.
oh Yoda, if only I had listen to the voices in my head!

I had a flashback to Star Wars Episode 3 when Obi-Wan and Anikan get caught in the Ray Shield's
with Palpatine, saying to myself "I am smarter than this!  How could you not see it?"  So I quickly changed my password for that associated email address and then proceeded to change every password that I have on all my different emails accounts.  A hassle to change them all, yes, but clearly preventable if I  had just been observant of the signs!

No comments:

Post a Comment