Slashdot Mirror


Phishing for Credit

An anonymous reader writes "Two graduate students at Indiana University conducted a phishing study to determine how readily students will give up personal information if the phishing emails appear to come from close friends. Using only publicly available information, they sent out emails to students asking them to click a link that required username/password information. Needless to say, the study has generated lots of attention on campus. The student newspaper has the story and the researchers have created a blog where the participants can vent."

18 of 218 comments (clear)

  1. Dear Friend by fembots · · Score: 4, Funny

    Dear Friend,

    Can you please click on this link?

    Yours Truly Friendly,
    Close Friend

  2. Your slashdot session has expired by Anonymous Coward · · Score: 4, Funny

    please reply to this message with the following information:

    Nickname:
    Password:

    1. Re:Your slashdot session has expired by acoustix · · Score: 3, Funny

      acoustix
      passw.....wait a second!

      DAMN YOU!

      --
      "A plan fiendishly clever in its intricacies"- Homer Simpson
    2. Re:Your slashdot session has expired by varmittang · · Score: 3, Funny

      Nickname: IP
      Password: Freely

      --
      -----BEGIN PGP SIGNATURE-----
      12345
      -----END PGP SIGNATURE-----
    3. Re:Your slashdot session has expired by Anonymous Coward · · Score: 3, Funny

      go go gadget bash.org!

      <Cthon98> hey, if you type in your pw, it will show as stars
      <Cthon98> ********* see!
      <AzureDiamond> hunter2
      <AzureDiamond> doesnt look like stars to me
      <Cthon98> <AzureDiamond> *******
      <Cthon98> thats what I see
      <AzureDiamond> oh, really?
      <Cthon98> Absolutely
      <AzureDiamond> you can go hunter2 my hunter2-ing hunter2
      <AzureDiamond> haha, does that look funny to you?
      <Cthon98> lol, yes. See, when YOU type hunter2, it shows to us as *******
      <AzureDiamond> thats neat, I didnt know IRC did that
      <Cthon98> yep, no matter how many times you type hunter2, it will show to us as *******
      <AzureDiamond> awesome!
      <AzureDiamond> wait, how do you know my pw?
      <Cthon98> er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
      <AzureDiamond> oh, ok.

      http://bash.org/?244321

    4. Re:Your slashdot session has expired by Cro+Magnon · · Score: 2, Funny

      Nickname: Cro Magnon
      Password: ********

      --
      Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  3. Heh by Otter · · Score: 4, Funny
    [T]he researchers have created a blog where the participants can vent.

    This would make a nice change from the usual celebrity-in-trouble "apologies", where they go on the Tonight Show, bite their lips and look downcast and assure us "I'm very, deeply, truly sorry..."

    Instead we can get, "Jay, I have created a blog where people can vent."

  4. Study extension by Rosco+P.+Coltrane · · Score: 4, Funny

    Two graduate students at Indiana University conducted a phishing study to determine how readily students will give up personal information

    After such a successful research on phishing, our two friends have decided to tackle a new study: test how much load e-commerce sites can handle, and how much money ATMs can usually deliver on any given day.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  5. well by Anonymous Coward · · Score: 2, Funny

    people are stupid. film at 11.

  6. In other news by Aumaden · · Score: 2, Funny

    In other news, Indiana University students found to be whiners.

  7. Hey by Anonymous Coward · · Score: 2, Funny
    How'd you get your d to go backwards?

    Oh wait.

  8. Oh the brainsss! by atari2600 · · Score: 3, Funny

    "I feel betrayed and offended"

    Someone posted that on the blog. I think he/she should feel foolish rather than feel betrayed. Or that should be read as "I am so fucking dumb that i cannot believe i did what i did".

  9. Re:Just watch by s20451 · · Score: 2, Funny

    No, he means this. The moral is, don't fuck with the justice department!

    --
    Toronto-area transit rider? Rate your ride.
  10. Re:I would imagine.. by YankeeInExile · · Score: 3, Funny

    So, they magically went back in time to get approval from the ethics committee after getting caught? Shit -- fuck the write-up on the phishing -- describe the time machine!

    --
    How does the Slashdot Effect happen given that no slashdotters ever RTFA?
  11. Re:I see their point, but... by Anonymous Coward · · Score: 2, Funny

    Yeah. I was kind of suspicious when that banker who called me had a Nigerian accent. But he offered me so much money to help him, that I figured it was OK.

  12. Any college age person who is fooled by an email o by TheIndefiniteArticle · · Score: 3, Funny

    Any college age person who is fooled by an email of the described type deserves a swift kick in the ass.

  13. Re:I would imagine.. by Pansy · · Score: 2, Funny

    Spoken like someone with a 6-digit UID :P

    --
    People are the problem, stop procreation now!
  14. Too easy? by stinky+wizzleteats · · Score: 4, Funny

    I notice that a lot of the complainants have posted their e-mail addresses in the blog to try to get together to organize action...

    Dear concerned student:
    I am a close friend writing to you about your recent experience with a phishing study in which deception was used. I have met with an attorney on this issue who is interested in pursuing a class action lawsuit on behalf of the victims of this study. To participate, please click the link below and provide the following personal information...