Last week I mentioned getting a suspicious email from one of my clients. The basic letter had been forwarded several times and each time a large list of recipient addresses was nested for all to see. Initially I estimated that about a hundred people were included, but for some reason I went back and looked more closely. The total list, including the various levels of forwarding, was over three hundred. When any of those lucky recipients finally got to the meat of the letter, it told them how Microsoft and AOL would pay everyone who forwarded it thousands of dollars depending on how many other people agreed to continue forwarding. It sounds too good to be true, but it was on the Internet, so it must be true, right? Sigh – will they never learn?
My only response was to copy the URL for the appropriate page on Snopes and email it back to my client. We haven’t talked since, so I don’t know if he truly expected to get a suitcase full of money from forwarding a chain letter, but I suspect he was 99% skeptical and 1% hopeful. That’s enough wishful thinking to lure people into dumping their whole contacts list into cyberspace where it can be seen by spammers galore and who knows what else.
I’ve tried to at least get my clients to use Bcc when sending our mass mailings like this, but for some reason, they seem to be reluctant to use that feature. This reluctance goes beyond simple laziness or lack of knowledge. It seems to be some type of avoidance as though Bcc is somehow unethical. I don’t know how to overcome that reluctance.
But Bcc is only one issue. There are at least two others. The first is opening letters of this type that a client receives and the second is sending them to other people.
A dear friend, who should know better, sent my a short note that had obviously been sent to many other people using exactly the Bcc technique that I suggested. Only the letter was extremely terse. It essentially said “This is a beautiful site” followed by “http//XXX.XXX.XXX.XXX” Where the Xs stand for a valid address. How many of her friends jumped on that one? And did it hurt them? It is probably okay, but without further confirmation from her and an explanation of where it came from, I would never blindly go clicking on such a thing – and I don’t want my clients to do it either! Am I overly paranoid? You are not paranoid if they are really after you, and my network gets attacked frequently. I was on the board of a company when its system was hacked by a Russian gang. They were really proud of what they did to us because they posted the exploit on their own Web site. So call me paranoid.
Why do I think this suspicious site is okay? Because I have emphasized to my clients their responsibility to clean up their messes. If they make a mistake and send out something they think is suspect, they owe it to the people affected to alert them to a possible problem. Several days have passed since the suspect letter arrived and I have heard nothing from anyone else, so it is probably okay. Besides, I have a strong software fence behind a hardware firewall. What could go wrong?
Click here to read about my new tutorial on helping seniors. The new version has grown considerably over the original. It has more topics and anecdotes, and fewer typos. While you’re at it, check out my expanded tutorial on decision theory.
[tags]security,fraud,sherman e. deforest,snopes,internet hoax,microsoft is not sending you money,aol is not sending you money,senior education[/tags]