• NakedJaybird (unregistered)

    Out Of Office AutoReply

    Username: EfficientGuy Password: %5suvDSX

  • WhiskeyJack (unregistered)

    I always liked to submit the forms with data that looked very plausible, but was made up. It's fairly easy to spoof a valid-looking credit card number. Might as well decrease the scammer's signal-to-noise ratio.

  • Anon (unregistered) in reply to rd
    rd:
    how do I go up four directories?

    Duh! You just use ud2.exe twice!

  • ambrosen (unregistered) in reply to DaStoned
    DaStoned:
    When I read a formal and unnecessarily complex e-mail, my brain simply rejects it. I just skim over it.

    Important messages should be short and simple.

    -1 for honesty. Really you should claim everyone else does this and that you're immmune. OK, I admit it, I do that, too.

  • (cs) in reply to curtmack
    curtmack:
    I don't know why, but my college gets phished once every few weeks or so. The mailserver is pretty good at detecting mass spam attacks and (here's the evil part) stops acknowledging e-mail sent from that sender. This means that the would-be spammersthe people whose addresses they impresonated get inundated with Postmaster errors from their own messages. Instant karma.

    FIFY.

  • IV (unregistered) in reply to JackD
    JackD:
    To all those that suggest the students get kicked out.. why would the school do that? If they stay in they fail a lot, have to retake classes, and thus the school gets more tuition money from stupid students than smart ones.

    But if those people graduate, it reflects the quality of the school, making a degree from that school less prestigious. Which means they won't be able to charge as much for tuition (in theory), and admittance levels are probably capped.

    I do sometimes put information in phishing websites, but never any real information. It amuses me that the scammers will have to filter out what I put in and waste some of their time.

  • THM (unregistered)

    I work in tech support/computer repair for a relatively prestigious business school. My boss sent out an email similar to the one described above.

    Big

    Mistake

    In the aftermath of the debacle this became, we determined that well over 2.5% of the student body (as well as a decent portion of the faculty) didn't read the email at all; they just sent in their username and password.

    These are the people who are going to be running corporate America in ~20 years, and they are largely computer illiterate (not to mention plain old normal illiterate, and mostly innumerate as well).

  • Bob (unregistered) in reply to root
    root:
    12345

    1 2 3 4 5? That's amazing! I've got the same combination on my luggage!

  • Responder (unregistered) in reply to jpers36
    jpers36:
    ATTENTION: DAILY WTF SUBSCRIBER:

    This comment is to inform all our {DAILY WTF} users that we will be upgrading our site in a couple of days from now. So you as a Subscriber of our site you are required to post your WTF account details so as to enable us know if you are still making use of our comment box. Further informed that we will be deleting all WTF account that is not functioning so as to create more space for new user. so you are to send us your WTF account details which are as follows:

    *User name: *Password:

    Username: Responder Password: [blank- Unregistered]
  • (cs) in reply to Jake Vinson
    Jake Vinson:
    jvinson / *******
    i don't get it
  • Dirk Diggler (unregistered) in reply to Yep
    Yep:
    From: Anon Y. Mous, ASP. To: Everyone Priority: High Subject: Comment Trolling Warning

    We have noticed an increase in trolling attempts, similar to the message below. TDWTF will never request that you shout angrily in words at the previous poster. You should not feed the troll with any useful information like facts, logical arguments or your personal opinion through comments.

    Here is an example of a recent trolling attempt:

        -------------------------------------------
        Subject: Re: Serious Fricken Bureaucracy
    
        Re: Serious Fricken Bureaucracy
    
        I pretty much function as technical support for my
        team, setting up things like start menu shortcuts and 
        icons. I have even written some useful programs that I 
        gave to the corporate support group. You get better 
        response from them if they know they owe you for giving 
        them free programs.
    
        I have heard NO complaints from them, so I am very 
        pleased with a rate of zero defects. Every time I ask 
        my friend in tech support how they are working out, he 
        gets a big smile and says they are working perfectly.
    
        Here are some examples of programs I have written for 
        our technical support group:
    
        ud.exe - this goes up a directory, so instead of typing 
            "cd.." you can simply type "ud"
    
        ud2.exe - this goes up TWO directories at once, so it 
            is like doing ud twice.
    
        ud3.exe - this goes up THREE directories at once (you 
            get the picture by now I hope).
    
        mkdirrandom.exe - makes a new directory with a random 
            name, using a random number generator I wrote (I 
            adapted the code someone posted on this site).
    
        regall.exe - this recursively searches your hard drive 
            for all DLLs and runs regsvr32.exe on each one so 
            everything will work again if a DLL registration 
            gets messed up.
    
        backupall.exe - this backs up all exes, dlls, ocxs, and 
            tmp files in case you need to restore your 
            computer. It puts them in a folder called 
            C:\backupall. 
    
        (end of trolling example)
        -------------------------------------------
    

    Other trolling attempts include comments that appear to have been posted by site admins such as Alex Papadimoulis or Jake Vinson. Your site admins will never participate in comment discussions or provide you with material that you would want to flame them for. The only valid comments will be Featured.

    When you receive these types of comments, you should ignore them and not respond. It is also a good practice to avoid clicking on any links in suspicious TDWTF comments.

    If you feel you have been a victim of a trolling scheme regarding a TDWTF article, please contact a site admin so that they can take drastic action against witty and rueful trolls.

    Thank you,

    Anon Y. Mous, ASP. Chief Sarcasm Officer

    You might want to check that backupall.exe program because if you lose the C drive you won't be able to restore them.

  • (cs) in reply to JackD
    JackD:
    To all those that suggest the students get kicked out.. why would the school do that? If they stay in they fail a lot, have to retake classes, and thus the school gets more tuition money from stupid students than smart ones.
    Sir, you have posted the stupidest comment ever! Schools are rated based partially off of their pass/fail rate and average GPA. Something like this only brings down the school's rating.

    Also, as I am sure with this university as well, the one I went to only 7% of their total income was from tuition. The rest came from grants (public and government), and research money. They really don't need that kind of tuition money that badly.

  • (cs)

    I had no idea it was this easy. Just quit my job to pursue a career in credit card phishing.

  • Nathan (unregistered) in reply to MrsPost
    MrsPost:
    They scan it, see that there is a list of values to be provided, and send them.
    I wish. I get help tickets missing critical information. When I respond with:

    Please provide the following information:

    1. What did you click, in what order?
    2. Setting 1?
    3. Setting 2?
    4. Did you check the box?

    I get something useless like: Clicked on the icon, filled out the form. Didn't work, please fix now, really important people are waiting. Why does it take so long to get something fixed? It's really frustrating not to have something you need.

  • Zach Bora (unregistered) in reply to Glow-in-the-dark
    Glow-in-the-dark:
    bsaksida:
    I got link to one of banks through email, and noticed it had psihing, i was curious and contiune.

    I filled some fields.

    Credit Card number: Keep Dreaming Securits number: TrippleX Email: www.microsoft.com

    And other information, i filled it as it could stand out as a fake. The one didint even check, it only said thank you for your cooperation.

    Second time i got to paypal, through some kind of proxy. Didn't even touch it

    Probably not that smart. You clicked for that probably on a weblink, which could have identified the specific email that was sent to you - thus confirming that email as live, active, and used by a usesr who clicks on things. Expect more spam soon..

    Email containing outside pictures (external href) that you display the pictures will tell them you exist. Receiving and/or Reading the email sometimes sends back to the sender that you read it, depending on mail client.

    captcha : jumentum (reminds me of jumanji)

  • (cs) in reply to Nathan
    Nathan:
    I get help tickets missing critical information. When I respond with:

    Please provide the following information:

    1. What did you click, in what order?
    2. Setting 1?
    3. Setting 2?
    4. Did you check the box?

    I get something useless like: Clicked on the icon, filled out the form. Didn't work, please fix now, really important people are waiting. Why does it take so long to get something fixed? It's really frustrating not to have something you need.

    Our company intranet used to have a form for reporting a problem with the website, which asked the user for specific details similar to your example. We printed out one of those and kept it mounted on the wall for a long time. In its entirety, it said:

    app is not working

  • Dan (unregistered)

    "You can't teach someone to not be outsmarted"

    Sure, but they can learn.

    PS. Captcha = "appellatio" - isn't that a sexual act with fruit?

  • (cs) in reply to Smash King
    Smash King:
    When I was in Uni, we often shared information through a mailgroup (but it was mostly jokes, of course). Someday one of my classmates sent us a warning about how the jdbgmgr.exe virus was actually a hoax, and it contained a copy of the email that lots of people were falling for. If you don't remember or you never got that email, it says where to search for the "virus" and states that an infected file's icon would be a teddybear.

    A few hours later we received a response from another classmate : "Why, thank you Sabrina. Guess what, my computer was infected too." /facepalm

    And I forgot to add that the ultimate irony would be having someone skimming over this comment go check whether they're infected too.

  • (cs) in reply to Code Dependent
    Code Dependent:
    Our company intranet used to have a form for reporting a problem with the website, which asked the user for specific details similar to your example. We printed out one of those and kept it mounted on the wall for a long time. In its entirety, it said:

    app is not working

    How about "INSTALLER DOES NOT WORK."

    (Hint: the installer worked perfectly. The app even launched when he clicked on it.)

  • (cs)

    HELLO, MY NAME IS JEREMYP.

    I AM BIG PRODUCER OF FRESSH SALMON IN RUSSIA. I HAVE LOTS OF FISHES AT V. LOW PRICES. IF YOU WISH TAKE ADVANAGE OF REALLY GOOD DEAL, PLZ SEND CREDIT CARD DETAILS 2 [email protected]

    YOU WILL NOT BE DISSAPPONTED WITH MY PHISH

  • (cs) in reply to Evan
    Evan:
    Ha- when I was in college we had a class-wide, opt-out mailing list that was mostly used for events, people selling stuff, random nonsense, etc. Someone sent out a really obviously fake joke phishing email to the list- about a half dozen people hit reply-all and sent their username/password to a couple thousand people.
    A class-wide mailing list with a couple of thousand people on it?

    Wow. And I was impressed when my freshman class at the university had over 600 people.

  • (cs)

    Is it really any surprise that average users fall for this stuff, when so many of the supposedly computer-literate users on this very site are too stupid to trim gigantic posts when quoting them?

  • Yanman (unregistered) in reply to JackD

    You see, that's why the American schooling system fails. It promotes stupidity.

    Belgium gives money to each student, who decides which school he/she wants to go to. If you're a bad school, you won't attract many students, and you'll go bankrupt. There is a limit on the amount of funding a student gets ( doing the same year 5 times is worthy of gene pool removal IMO), so schools are extra motivated to get good results.

  • Rob F (unregistered) in reply to curtmack
    curtmack:
    I don't know why, but my college gets phished once every few weeks or so. The mailserver is pretty good at detecting mass spam attacks and (here's the evil part) stops acknowledging e-mail sent from that sender. This means that the would-be spammers get inundated with Postmaster errors from their own messages. Instant karma.

    Yes I wish that was the way the world worked.

    Unfortunately, valid spoofed e-mail addresses mean that unsuspecting people suddenly encounter thousands of postmaster errors in what has been named backscatter and the original spammer doesn't receive any kind of comeuppance. It is manifested by poorly set up mail systems that obsessively send auto-response messages without even verifying if the original e-mail address was bona-fide.

  • (cs)

    Administrator default

  • (cs)

    Sadly, I knew exactly what the second email was going to say, before reading it.

  • Ryuzaki (unregistered)

    Same thing happened at my school. Worst part is it's an engineering school......talk about a major facepalm.

  • (cs)

    Username: Vechni Password: papabear1

  • Schmitter (unregistered)

    Yep, no child left behind. Most awesomest idea ever. Instead of a couple smart ones and some really dumb ones, now we get all dumb ones.

  • Mike (unregistered)

    I once had someone send me scans of her driver's license and social security card. I had never had contact with this person before.

  • (cs) in reply to Nathan
    Nathan:
    MrsPost:
    They scan it, see that there is a list of values to be provided, and send them.
    I wish. I get help tickets missing critical information. When I respond with:

    Please provide the following information:

    1. What did you click, in what order?
    2. Setting 1?
    3. Setting 2?
    4. Did you check the box?

    I get something useless like: Clicked on the icon, filled out the form. Didn't work, please fix now, really important people are waiting. Why does it take so long to get something fixed? It's really frustrating not to have something you need.

    Sorry. That should have read:

    "They scan it, see that there is a list of values to be provided, and send them. Unless it's a list of things they're actually supposed to send. In that circumstance they seem to randomly smash their foreheads on the keyboard a few times and send that. Then immediately send an e-mail to your boss that you're completely unresponsive to their company-wide issue of not being able to run the elf bowling program."

  • Survey User 2338 (unregistered) in reply to Ozz
    Ozz:
    Give a man a fish, and he will eat for a day. But, teach a man to phish...

    Dead Brillant!

  • pbean (unregistered) in reply to PIercy
    PIercy:
    Florian Junker:
    This is just depressing. How do these people manage to stay alive?

    i agree however saying there is no correlation between regular users and irregular users is rubbbish.

    I reckon a person who uses a pc 5 times a week while at work is more likely to spot a phishing site. than my gran who occasionally checks her emails and plays solitaire...

    However you fail to realise that the person using a PC 5 times a week might be used to clicking all sorts of pop-ups away (like invalid certificate boxes) while someone who just got on the 'net/got a PC might pay more attention to these kinds of notices.

    However, I'm sure the people researching this stuff are a lot smarter and have thought it through a lot more than the 1 minute you and I spent thinking about writing this comment.

  • (cs) in reply to MrsPost
    MrsPost:

    Sorry. That should have read:

    "They scan it, see that there is a list of values to be provided, and send them. Unless it's a list of things they're actually supposed to send. In that circumstance they seem to randomly smash their foreheads on the keyboard a few times and send that. Then immediately send an e-mail to your boss that you're completely unresponsive to their company-wide issue of not being able to run the elf bowling program."

    YES!

  • Azeroth (unregistered)

    Actually, when you post your password here (mine is *******), it gets replaced by asterixes. It's a cool security feature of this site. Try it out now! :)

  • Andy (unregistered)

    Wow, I hope they didn't reply to the entire mailing list.

  • tbrown (unregistered) in reply to kennytm
    kennytm:
    Yep:
    From: Anon Y. Mous, ASP. To: Everyone Priority: High Subject: Comment Trolling Warning

    We have noticed an increase in trolling attempts, similar to the message below. TDWTF will never request that you shout angrily in words at the previous poster. You should not feed the troll with any useful information like facts, logical arguments or your personal opinion through comments.

    Here is an example of a recent trolling attempt:

    (Omitted for sake of brevity)
    

    Other trolling attempts include comments that appear to have been posted by site admins such as Alex Papadimoulis or Jake Vinson. Your site admins will never participate in comment discussions or provide you with material that you would want to flame them for. The only valid comments will be Featured.

    When you receive these types of comments, you should ignore them and not respond. It is also a good practice to avoid clicking on any links in suspicious TDWTF comments.

    If you feel you have been a victim of a trolling scheme regarding a TDWTF article, please contact a site admin so that they can take drastic action against witty and rueful trolls.

    Thank you,

    Anon Y. Mous, ASP. Chief Sarcasm Officer

    ok, you are a retard because: <drum roll>
    1) cd ..
    2) cd ..\..
    3) cd ..\..\..
    4) mkdir wqeipjfwvoefi
    5) that's not very a good idea.
    6) 'system restore'
    
    "he gets a big smile and says they are working perfectly"=="nod and smile at the retard"

    Holy carp, man! Not only did you appear to take that totally seriously despite the "Chief Sarcasm Officer" title and the obvious spoof of the WTF itself, but you totally failed to recognize the old "T o p C 0 d e r" post!!

    /me smiling and nodding at kennytm

  • (cs) in reply to tbrown
    tbrown:
    Holy carp, man! Not only did you appear to take that totally seriously despite the "Chief Sarcasm Officer" title and the obvious spoof of the WTF itself, but you totally failed to recognize the old "T o p C 0 d e r" post!!

    /me smiling and nodding at kennytm

    And you... you failed to notice that kennytm cut'n'pasted that reply from the original thread.

    "Nod and smile at the retard," indeed.

  • Bobble (unregistered) in reply to Azeroth
    Azeroth:
    Actually, when you post your password here (mine is *******), it gets replaced by asterixes. It's a cool security feature of this site. Try it out now! :)

    It didn't work. I don't see the cartoon cats.

  • Sigivald (unregistered) in reply to Steve H
    Steve H:
    (Having said that, if you've ever proof-read an American college student's work, man they're hopeless. The state of education in that country is terrifying).

    In my experience, Canadians are just as ill-educated at the language and other topics (or not) as Americans, as are Britons.

    With a few culturally-derived exceptions (Japan, maybe Korea, Israel, at least for the Jewish population) I'm not sure the "average" student is especially competent anywhere.

    That's the inevitable result of universal access to college-level education; you get people who couldn't have passed high school in 1920 going for full degrees.

  • Survey User 2338 (unregistered) in reply to Azeroth
    Azeroth:
    Actually, when you post your password here (mine is *******), it gets replaced by asterixes. It's a cool security feature of this site. Try it out now! :)

    You should have posted your entire comment in asterisks

  • Michael (unregistered) in reply to PIercy

    I disagree... the person who uses a pc 5 times a week stopped reading the popup warnings years ago. After a while, you learn that the way to do what you want to do is to click "Ok".

    So I actually think that your gran is more likely to be worried - my mum thinks she has got a virus or been hacked every time she accidentally touches a key combination that does something clever.

  • RandomTask (unregistered)

    Username: Michael Password: a';DROP TABLE users; SELECT * FROM data WHERE name LIKE '%

  • Harrow (unregistered) in reply to <out of memory>
    <out of memory>:
    ...Captcha: Causa as in Causa belli. This means war!
    Maybe it's Causa as in Causa pacem.

    See, this is how a wilful misaprehension of critical intelligence can lead to unnecessary war. As if we need more examples.

    -Harrow.

  • (cs) in reply to A Nonny Mouse
    A Nonny Mouse:
    Jake Vinson:
    jvinson / *******
    i don't get it

    See, that's because if you type your real password here, it will get replaced by *'s for everyone but yourself. See: ****************.

  • (cs) in reply to Vollhorst
    Vollhorst:
    You shouldn't blade those people. That was a automatically generated email that is sent to everyone who sends a message containing something like "password", "mail", "username", "viagra" ...

    Saves a lot of time that can be used to drink some booze.

    I think they deserve to be bladed, with a nice long katana.

  • dave (unregistered) in reply to rd
    rd:
    Two questions: how do I include the entire text of a long post in my short reply and how do I go up four directories?
    1) it appears solved 2) ud3 & ud

    Did the sender of the email bother verifying that people had GENUINELY sent their email & p/word. Many Uni/College students think (as do people on this site, apparently) that it is FUNNY to reply with a (not necessarily genuine) email and a fake password (although thanks to those of you here who posted the real deal - like the owner of this a ccount I'm posting from....!!)

  • Dan (unregistered) in reply to Technical Thug
    Technical Thug:
    I don't know why, but my college gets phished once every few weeks or so. The mailserver is pretty good at detecting mass spam attacks and (here's the evil part) stops acknowledging e-mail sent from that sender. This means that the would-be spammers the people whose addresses they impersonated get inundated with Postmaster errors from their own messages. Instant karma.

    FTFFY.

  • ChefJoe (unregistered)

    Reminds me of USBank's new "security" feature. They have all sorts of images and a keyphrase. They then made me enter all sorts of questions about hometown but wouldn't allow duplicates.

    "Name of the city/town your father resides in" "Name of the city/town your eldest sibling resides in"

    It just so happens that my dad and my only sibling live in the same town - but that's not allowed as a response.

  • Johnno (unregistered) in reply to Mike
    Mike:
    I once had someone send me scans of her driver's license and social security card. I had never had contact with this person before.

    I can't help notice the "had never...before" - I assume you have kept up the contact since?

    q634$^OPF_djrtt

Leave a comment on “Go Phish”

Log In or post as a guest

Replying to comment #:

« Return to Article