Categories ArchivesFunnies

What an IRS Scam Sounds Like standard

Like many of you, I have come to the realization that people not in my contact list who actually use their voices to communicate with me over this texting machine usually want something from me—many times, a sales pitch. I’ve given up on answering most of these calls. For the few that leave a message, I will return it if it’s important. Hopefully people have figured out by now that written communication is preferred in many instances. I recently got one of those robo-dialers to leave me a generic, threatening message (which you can listen to here) that meets many of the requirements of good social engineering. The transcript is below (apologies for the bad copy in two areas, the ...

Continue Reading

Pleeeeze Stop Exposing Weaknesses in my Code! standard

In the latest round of “I just don’t get it” moments from Mary Ann Davidson of Oracle, a blog post escaped the PR department that just explains how ridiculous her views on information security are. Thankfully, the Internet never forgets. Before going any further, go read that post. Then when you are done, enjoy this previous gem where she insults anyone who has ever performed an audit function. And here are my comments from 2011. Davidson really wants to be considered a security person. She reminds me of Jerry Jones wanting to be known as a Football Man. She ran for and sits on the ISSA International Board of Directors. She has keynoted several conferences as a security expert. Yet, based on ...

Continue Reading

Mystery Shopper Scams Getting Aggressive standard

Mystery shopper scams are nothing new, but I now have the experience of being personally targeted by one. From my research, most of these scams are carried out in a “pull method,” whereby ads are placed in classified sections asking for applicants for a part time job. I was targeted by someone using the “push method,” whereby a live (fraudulent) check was mailed to me in a haphazardly stuffed envelope with an official looking letter and survey form. Redacted versions of those documents are linked above. One of the first lessons I learned in high school economics was TINSTAAFL. And while I’m pretty far removed from high school at this point, that one came roaring back when I was mailed ...

Continue Reading

Neutral vs. Agnostic standard

I am not a grammar expert. Did you see that? If you didn’t start this post over because that first line is important. I do write often and I have a particular style that I like to follow, but most importantly, I am a student of the English language and not an expert. THAT SAID… There are certain things that people do that really grind my gears. I think it has to do with being granted access to a thesaurus too early in life, or lazy students aiming for a minimum page count. Regardless, the result is the usage of certain words to sound smart even though their usage makes you sound dumb. Today I want to cover a word ...

Continue Reading

Happy Thanksgiving, and Travel Tips! standard

First off, Happy Thanksgiving to everyone! If you are traveling today, here are a few tips that have served me well over the years. Read your airline’s policy on carry-on bags (size and weight) BEFORE you pack Carry everything on if you can Convert large liquid toiletries into small travel sizes for your trip Ship anything bulky or any large quantities of liquids instead of bringing them on the plane Research the airport layout and probable location for your departure gate so you know exactly where to go, how to get there, and nearby food and drink options If you are not checking a bag, check in online the day before (within 24-hours of departure) and ensure your seat selection ...

Continue Reading

Pwn3d by the Hoffacino standard

Yep, I did it. And WOW what a ride it was. Chris Hoff (@Beaker) started a movement in fueling today’s security professional, and I don’t even know if he realized the animal he’s unleashed on the world.  It’s called a Hoffacino (or Hoffachino), and boy are you in for some fun if you order one.  This ain’t your daddy’s coffee! Before being allowed to consume one of these things, you should have to present passing results from a full physical and psychological examination. The experience of the Hoffacino starts when you order.  I was slightly embarrassed to order such an intricate drink from my neighborhood Barista. I mean, I might see this fine young citizen at the market! I have ...

Continue Reading

The Social Security Office, an Identity Thief’s Heaven! standard

My wife is not into technology.  Or security.  Or UNIX.  Basically she looks at her Macbook as a way to check email, buy shoes, organize photos and videos, and make checklists for the babysitter.  So when she takes an interest in what I do, I REALLY perk up. She is very attentive to the things I do with our mail and sensitive information, only because she hears me talking about it all the time.  She knows not to give out passwords or personally identifying information.  She shreds expired cards and junk mail. She’s definitely more in tune to security than the average citizen. We recently noticed a reporting error from the Social Security Administration and the only way to clear ...

Continue Reading

Think Blackberry is Safe? Think again! standard

Chris Eng at Veracode put together a pretty sweet little presentation based on a tool Tyler Shields created to infiltrate Blackberry Smartphones called BBSpy.  Blackberry’s seem to be viewed as a more secure mobile platform for a smartphone or PDA than any other, to the point of speculation about the existence and future of President Obama’s Blackberry. When I first got a Blackberry smartphone, not only did my ability to separate my personal and professional life change, but I remember as a security professional liking some of the features provided.  Remote wiping, encryption, and a password attempt bomb made me feel that should I lose my Blackberry, I would be able to prevent any sensitive data on it from falling ...

Continue Reading

Too Much Process, the Corporate Lobotomy standard

Process is a good thing. Some corporate citizens might disagree with that basic statement based on conversations like the following: “You mean I have to go to some website to enter a request for paper clips, and then someone in another office can just reject it because they want to?” Sometimes it doesn’t work.  When you are in situations like this, remember this little saying from a very wise man: “Don’t confuse logic with the process.” Process in other examples can be a really good thing.  Consider the actions you might take to promote code from a test or Q/A environment into production.  The steps you take to do this should be the same every time, and any deviation from ...

Continue Reading

The Social Media Ban standard

Attendees to the PCI Community Meeting in Vegas two weeks ago were treated to an interesting warning at the opening of the session. No social media or blogging during the meetings. I know that I picked up on it more than anyone else as I tweet and blog just a little. It didn’t take long for attendees to be warned about its use. During Bob’s opening remarks, he cautioned users not to tweet or live blog the events. The two-part irony behind the situation is that members of the press were welcomed into the meetings this year, and three of the five founding members of the council have embraced Twitter. Discover MasterCard (including four executives) American Express (albeit just a ...

Continue Reading

This is a unique website which will require a more modern browser to work!

Please upgrade today!