Oh boy was yesterday afternoon fun. I made a pretty big and stupid mistake because I was distracted and paid for it for a couple of hours.
Yesterday, I fell for a Facebook phishing scam. And I thought I knew better. But, as usually happens with excessive pride, it got smashed into the dust. Obviously, I don’t know better and even those of us who are more tech savvy can get taken.
What was most intriguing/annoying was the display of reactions that I got from this … interesting study in psychology actually. But, first, I should step back and explain what happened.
Yesterday a Facebook phishing scam occurred where an email was sent from a facebook friend with a link in it. The link took you to a site that looked just like facebook and asked for you to login.
I received one of these emails and clicked the link. I was at work (2 more days to go) and right after I clicked the link my employer asked me to come into his office and help him with Windows Media Player or something. I was in his office for awhile and then went back to my desk.
I then stupidly thought I had been logged out of facebook and logged in. But this wasn’t facebook, it was the phishing site. Once I did that almost all of my facebook friends received the same email with the phishing link which appeared to be from me.
I didn’t immediately realize what had happened but all of a sudden I started getting a flurry of emails from facebook (my facebook messages are sent to me in emails). As soon as I opened the first email, I realized what had happened and quickly changed my password and security question.
But the phishing emails had already gone out, people were sending me messages, writing on my wall, and things got a little out of control.
And since this is my last week at work and I have a ton of work to do I really didn’t have time to deal with it. One could argue then I don’t have time to be using facebook at work in the first place. That’s a valid point but I consider it to be a quick diversionary break.
One person wrote on my wall saying – “you’re spamming my facebook page – been hacked” – that is not exact quote because the wall post was later deleted but is close enough. I found that accusatory and probably should have been sent privately. I stated that publicly ;-) Others were more helpful – “it looks like your account has been hacked, change your password”.
About 20% of my friends sent me a facebook message asking what the link was about. While the number of them was annoying to deal with I felt like they trusted me and even though it looked like spam were giving me the benefit of the doubt and that is why there were asking me about it.
3 or 4 people responded with a “hi, how’s it going message”. Those were very strange – I send a bizarro link and you start talking about brewing blueberry ale. Huh?
And then there were the majority who knew it was a phishing scam and knew I never would have sent something like that. They quietly and politely deleted the message and went on with their day. Thanks to those of you by the way.
I though that I should warn my facebook friend what had happened but didn’t want to send the message through facebook – “oh great. another bogus link from Kim” ;-) So, I emailed people from my email account. I had about 40% of the email addresses and decided to leave it at that. I got more messages back but they were all friendly. “Thanks for the warning.” “Oh shit, how did that happen?” “I knew that couldn’t have been from you”.
As I mentioned I was intrigued by the variety of reactions and how they were related to personality or at least online scam experience. My reaction was panicky too – probably mostly because I didn’t want to look like a dumbass ;-) But people reacted with hostility, (or at least that was my interpretation) confusion, disinterest, and as a chance to reconnect. And most of all curiosity – isn’t that what got me to click on the link in the first place?
So, my extreme distraction and lack of multi-tasking skills are the primary cause of this. As well as just plain stupidity. But be cautious online, watch what your doing and change your password frequently.
photo credit: tarotastic