Taking Advantage of Misfortune, Isn’t that Something Cyber Criminals Do?

Posted by Joe Franscella – 10-14-2009 –

The other day I received an interesting email:

B a n k of America Notification [ ref id: 837644 ] Dear B a n k of America member , You have (1) new security message from B a n k of America SiteKey: – Please click on the link below and update your profile.

It was easy for me not to click on it, my every-day immersion in cyber security has taught me better, I’m not a BofA customer and even if I were I know they’d never send me this type of email.

The email got me thinking about a Vietnam War veteran I once knew. One day while listening to his stories of good and bad times he had in Southeast Asia, he shared one of his infantry training notebooks with me. Several pages were intriguing, especially those that diagrammed how to set booby traps using explosives. Based on what I read in his notebook, in Vietnam soldiers were taught to set chain-reaction style traps where each explosion forced the enemy into another explosion until finally everyone was drawn into an inescapable position and was either killed or severely injured. I’ve never clicked on a phishing email but from what I understand the intent is similar – the aggressor tries to draw the victim in deeper and deeper, to a point where there is no escape.

I never thought about how “criminals” aren’t the only ones that use cyber crime to set inescapable traps though, until I read Danny Sullivan’s rant about how a credit card company left him no other choice but to call it and how its agent then trapped him into an inescapable position where he had to hear a sales pitch.

Danny, it seems, had his credit card revoked due to a data breach at some merchant where he had used his card. When he called in to get the scoop, he was “offered” credit monitoring protection for a low, low price. I can understand his disdain -  no one wants to be lured into a trap. It’s especially un-palatable when you consider that the card company baited the trap with a data breach.