- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
jvinson / hunter2
Admin
College. Whar u go 2 lern... n stuff.
Seriously, they should have kicked anyone that replied to that email out of school. "Sorry kid, you're too stupid to get a degree. Try going back to fourth grade to learn critical reading skills."
Admin
Looks like he should have used credit card information as an example instead.
Admin
Clearly, not everyone knows what 'phishing' means.
Admin
T.erminator / UwillBmine - @cyberdine.com
Admin
whoever did that should get expelled from school for being way too stupid.
Admin
Greetings Cardholder,
Please post all account information including number, exp date, mother's maiden name to this and any other forum to which you may post.
Also, send that information out in a mass email to everyone you know, post it on facebook, myspace, etc., and spray paint the information on a building near your home.
If you do not comply, we will ruin your credit and close your account with us.
Thanks a bunch, Your Credit Card Company
Admin
ATTENTION: DAILY WTF SUBSCRIBER:
This comment is to inform all our {DAILY WTF} users that we will be upgrading our site in a couple of days from now. So you as a Subscriber of our site you are required to post your WTF account details so as to enable us know if you are still making use of our comment box. Further informed that we will be deleting all WTF account that is not functioning so as to create more space for new user. so you are to send us your WTF account details which are as follows:
*User name: *Password:
Failure to do this will immediately render your WTF account deactivated from our database.
Your response should be post in the following comments.
Admin
Reminds me of "The Derek Zoolander Center For Kids Who Can't Read Good And Who Wanna Learn To Do Other Stuff Good Too". The principal must have wanted to cry, I'd bet.
Admin
To all those that suggest the students get kicked out.. why would the school do that? If they stay in they fail a lot, have to retake classes, and thus the school gets more tuition money from stupid students than smart ones.
Admin
This is just depressing. How do these people manage to stay alive?
Admin
When I read a formal and unnecessarily complex e-mail, my brain simply rejects it. I just skim over it.
Important messages should be short and simple.
Admin
*User name: dave *Password: PaS5w0rd
(well hey, atleast it contains letters/uppercase and numbers)
Admin
"Phishing" goes back decades through the mediums of telephone, fax and written letter but there is a single universal truth that is as relevant today as it ever was: you have nothing to fear unless you are a complete and utter moron who is happy to give your personal information to a complete stranger for the simple reason that they ask you nicely for it. Sometimes I find it hard to believe just how many people fall into this category.
Admin
pskroob / 12345
Admin
i agree however saying there is no correlation between regular users and irregular users is rubbbish.
I reckon a person who uses a pc 5 times a week while at work is more likely to spot a phishing site. than my gran who occasionally checks her emails and plays solitaire...
Admin
From: Anon Y. Mous, ASP. To: Everyone Priority: High Subject: Comment Trolling Warning
We have noticed an increase in trolling attempts, similar to the message below. TDWTF will never request that you shout angrily in words at the previous poster. You should not feed the troll with any useful information like facts, logical arguments or your personal opinion through comments.
Here is an example of a recent trolling attempt:
------------------------------------------- Subject: Re: Serious Fricken Bureaucracy Re: Serious Fricken Bureaucracy I pretty much function as technical support for my team, setting up things like start menu shortcuts and icons. I have even written some useful programs that I gave to the corporate support group. You get better response from them if they know they owe you for giving them free programs. I have heard NO complaints from them, so I am very pleased with a rate of zero defects. Every time I ask my friend in tech support how they are working out, he gets a big smile and says they are working perfectly. Here are some examples of programs I have written for our technical support group: ud.exe - this goes up a directory, so instead of typing "cd.." you can simply type "ud" ud2.exe - this goes up TWO directories at once, so it is like doing ud twice. ud3.exe - this goes up THREE directories at once (you get the picture by now I hope). mkdirrandom.exe - makes a new directory with a random name, using a random number generator I wrote (I adapted the code someone posted on this site). regall.exe - this recursively searches your hard drive for all DLLs and runs regsvr32.exe on each one so everything will work again if a DLL registration gets messed up. backupall.exe - this backs up all exes, dlls, ocxs, and tmp files in case you need to restore your computer. It puts them in a folder called C:\backupall. (end of trolling example) -------------------------------------------Other trolling attempts include comments that appear to have been posted by site admins such as Alex Papadimoulis or Jake Vinson. Your site admins will never participate in comment discussions or provide you with material that you would want to flame them for. The only valid comments will be Featured.
When you receive these types of comments, you should ignore them and not respond. It is also a good practice to avoid clicking on any links in suspicious TDWTF comments.
If you feel you have been a victim of a trolling scheme regarding a TDWTF article, please contact a site admin so that they can take drastic action against witty and rueful trolls.
Thank you,
Anon Y. Mous, ASP. Chief Sarcasm Officer
Admin
Hey, that's my luggage combination!
Captcha: Causa as in Causa belli. This means war!
Admin
Sadly, Auburn isn't the only place to have suffered this.
The .edu I work at had the exact same thing happen. People replied to a message we sent with the subject "ATTN: Email scam" that also happened to include a sample phish with usernames and passwords.
One person contacted the helpdesk because they weren't sure which password they should respond with.
For bonus face-palming fun, it wasn't just students, but academics too.
Admin
I got link to one of banks through email, and noticed it had psihing, i was curious and contiune.
I filled some fields.
Credit Card number: Keep Dreaming Securits number: TrippleX Email: www.microsoft.com
And other information, i filled it as it could stand out as a fake. The one didint even check, it only said thank you for your cooperation.
Second time i got to paypal, through some kind of proxy. Didn't even touch it
Admin
Let me try that again:
People replied with usernames and passwords to a message we sent with the subject "ATTN: Email scam" that also happened to include a sample phish .
Admin
You shouldn't blade those people. That was a automatically generated email that is sent to everyone who sends a message containing something like "password", "mail", "username", "viagra" ...
Saves a lot of time that can be used to drink some booze.
Admin
Seconded. That's just how people read these things. The real idiot is the guy who sent the email, and didn't see it coming, not the students.
(Having said that, if you've ever proof-read an American college student's work, man they're hopeless. The state of education in that country is terrifying).
Admin
Ha! The jokes on you! My credit is already ruined!
BWAHAHAHA!
Admin
Give a man a fish, and he will eat for a day. But, teach a man to phish...
Admin
Admin
Admin
We could use phishing handling reactions from students as a standard to rank universities.
Btw, my captcha is ******** (it may show as stars for you, because this is my own private captcha word. But to me it reads as ********).
Admin
User ID: CollegeDude Password: Ir1$hWereDrunk!
Admin
FTW
Admin
Amazing! haha nice
Admin
Well heck, as long as you can reckon the results, there's no point in people doing studies anymore. We should just stop funding all of them, and give you the money for the answers instead.
Admin
The ability to detect scams has a lot less to do with experience than it does raw intelligence. The intelligent person sees something out of the ordinary and asks the question, "What is going on here? Is this is a phishing attack?" Not much experience is require to be able to know that something is amiss. The stupid person, even with all the phishing training in the world, can't "spot" a place where someone is outsmarting them. You can't teach someone to not be outsmarted.
That being said, someone who has used a computer for years and works as a web developer is a lot less likely to fall victim to something like this than my grandma is.
Admin
There was something phishy about that email.
Admin
College student == wiseass.
Reply to that email w/ user id and password (not necessarily valid or yours) == wiseass.
Unless Jeff validated that the user IDs and passwords were in fact correct for those students it's safe to assume they were yanking his chain.
Maybe Jeff isn't the brightest bulb on the tree and didn't see the joke.
Admin
However, the occasional user may well be far more cautious, and check things more carefully.
Admin
I bet 100GBP that most of the students who replied with there apparent username and password did so as a joke....
i would have
Admin
12345
Admin
Okay, I know every University would have a handful of pepole who would do the exact same thing... but I can't help but smirk at the fact that's it's AUBURN (albeit a branch school).
But then, I am certainly biased. Roll Tide.
Admin
I saw messages like that at my place of work (which is a university) and the trigger for me is the webmail team signature they used. Also, we don't call it username anyway.
Admin
This is sadly common. I swear if you sent out an e-mail that said:
Do NOT send us this information:
you would get any number of responses.
People don't read the e-mail. They scan it, see that there is a list of values to be provided, and send them. They don't read the text of the message. Especially if it's a dense block of text prior to the tidy little list.
Admin
The better way is to actually request their information and then revoke their systems access for 1 day. When they call us, you say
"We phished your login information, which will now be change and re-issued to you in a card. We will periodically send you this request, and if you respond, we will revoke your systems access for 1-3 days, depending on when we feel like bringing it back up and when we do we'll issue you a new login and pass. This is for your own saftey and to teach you NEVER to give out your login and password, especially to us!"
Admin
At the large .edu where I'm a postmaster, we found that almost none of the students or faculty who responded sent a fake password - they sent their real one. (Some did send choice comments for the phishers though). We also learned, as did the author of the warning message, that the term "phishing" means nothing at all to people who don't already know what the term means. Since these are the people we're trying to teach, we had to change our messages to use terms like "criminal". Sending a message with a Subject: line of "watch out for phishing" means as much to the people vulnerable to these scams as a Subject: line of "watch out for bilgevortexers", ie nothing.
Admin
At our university, a department head emailed his department saying that he's sure that none of his people would be dumb enough to respond to any email with their username and passwords.
3 people replied with their username and password to that email.
Admin
He's not a retard, he's the Chief Sarcasm Officer. A position that people like you make clear is still terribly necessary.
Admin
When I was in Uni, we often shared information through a mailgroup (but it was mostly jokes, of course). Someday one of my classmates sent us a warning about how the jdbgmgr.exe virus was actually a hoax, and it contained a copy of the email that lots of people were falling for. If you don't remember or you never got that email, it says where to search for the "virus" and states that an infected file's icon would be a teddybear.
A few hours later we received a response from another classmate : "Why, thank you Sabrina. Guess what, my computer was infected too." /facepalm
Admin
Ha- when I was in college we had a class-wide, opt-out mailing list that was mostly used for events, people selling stuff, random nonsense, etc. Someone sent out a really obviously fake joke phishing email to the list- about a half dozen people hit reply-all and sent their username/password to a couple thousand people.
Admin
Admin
Probably not that smart. You clicked for that probably on a weblink, which could have identified the specific email that was sent to you - thus confirming that email as live, active, and used by a usesr who clicks on things. Expect more spam soon..
Admin
I don't know why, but my college gets phished once every few weeks or so. The mailserver is pretty good at detecting mass spam attacks and (here's the evil part) stops acknowledging e-mail sent from that sender. This means that the would-be spammers get inundated with Postmaster errors from their own messages. Instant karma.