Spam That Delivers a Pink Slip

alphadogg wrote in with a Network World story that begins: "Last week, a handful of employees at Dekalb Medical Center in Decatur, Ga., received e-mails saying they were being laid off. The subject line read 'Urgent — employment issue,' and the sender listed on the message was at dekalb.org, which is the domain the medical center uses. The e-mail contained a link to a Web site that claimed to offer career-counseling information. And so a few employees, concerned about their employment status and no doubt miffed about being laid off via e-mail, clicked on the link to learn more and unwittingly downloaded a keylogger program that was lurking at the site. Score another one for spammers."

Diabolical

[jazman_777 (44742)]

Clever, because we all know our soulless corporations would do that.

Re:

[tibike77 (611880)]

As a side-note, they could also blackmail the users to TELL their employers they were stupid enough to let a keylogger software get installed on their computer (worse if the user did this at the office computer).

Re:

[inKubus (199753)]

I was going to say... Wouldn't it be ironic if they got laid off because they fell for a fake email that said they were getting laid off?

Paranoia classes

[tibike77 (611880)]

Heh, while some people actually spend money to CURE people of paranoia, it would be (at least) useful to have paranoia CLASSES thought as part of any "PC operator" course ;)

Re:

[kimvette (919543)]

why bother with that when you can hire a schizo with paranoia issues who also suffers from OCD? Tell him to monitor the firewalls, and that if anyone manages to break in undetected that he'll lose his job. Add in some muzak with subliminal messages chanting "they're breaking in! They're out to get you!" then you'll have your dream tech monitoring your NOC. No need to train anyone to be paranoid, just take a few mentally ill folks off of their brain meds and leverage their condition. You'll save them money o

Re:

[bigberk (547360)]

This isn't as crazy as it sounds. Someone who is trained in monitoring, but who also has OCD, would make a very good nazi security guy

Re:

[ajs318 (655362)]

That's like my idea for putting the biggest, baddest-arsed, axe-wielding psycho-killer motherf**ker you can find in a flat on the top floor of a tower block. You can bet the lifts would always be in working order and never smell of piss .....

Larry Niven's ARM

[DragonHawk (21256)]

No need to train anyone to be paranoid, just take a few mentally ill folks off of their brain meds and leverage their condition.

SF author Larry Niven actually used something very like that idea in his "Known Space" future history. The idea was that society had decided that anyone who was the least bit violent/aggressive was "ill" and gave them meds to make them a happy little camper. Not mindless zombies, just very passive. (That's a difference of degree, of course.) But there was still a need for a p

Re:Diabolical

[rubberbando (784342)]

Nah, the corporations still prefer the more humiliating way of having security show up at your cube with an exec who hands you a box to put your things in and then marches you out the door in front of everyone. Companies are too paranoid to give you a chance to wreak any havoc. They want you logged out before they let you go. They will isolate you and get you out of the building as soon as possible. Therefore, layoff/firing by email (especially to your company email) is not very probable. I speak from experience. When I was laid off from a job, the execs were swift in getting me out of the door. I wasn't even on the clock yet and they swooped in, gave me my severance check, had me pack up my stuff, took my key, and pushed me out of the door before I knew what had just happened to me.

Re:

[arivanov (12034)]

This is a US specific phenomenon which does not exist elsewhere. For some reason in the US you are expected to wreak havoc and behave like a sociopathic delinquent. Not that I am surprised considering that some of the most prominent US high tech sector CEOs confess that sociopathy is a definitive job requirement: one example [slashdot.org], many others.

That is not the case in the EU. There you will be expected to slave off to the end of your notice period (or at least part of it). The very few to try something sociopathi

Re:Diabolical

[Kjella (173770)]

That is not the case in the EU. There you will be expected to slave off to the end of your notice period (or at least part of it). The very few to try something sociopathic (the Dixons salary trigger) have seen the end of the very thick legal stick so people tend not to try this any more.

And the primary reason is that the notice period is much longer. Most jobs have three months notice period, and I don't think any company could afford to just send you home. Besides I think that in itself is a good way to reduce tension - three months is a fairly long time to apply for new jobs and employers like people who can start on short notice if they're in a hurry (since people normally have three months notice). Since it seems US employers like to blindside you and suddenly go "kthxbye - here's your check" I imagine US employees feel rather screwed over.

In two weeks, the chance that you're done with an interview process and ready to start at another company is near zero. That US people have two weeks of free time while I have to work my notice period isn't really much of a help, since so much of the application process is waiting. If you need to relocate, then you can't do that before you have the job, which also stretches it out in time. The upside... well, I don't quite know what the upside but I guess you can have a job on hand and give your boss two weeks notice and change jobs in a flash, but if you're waiting for a good job the notice period goes quickly. To me it certainly doesn't outweigh the disadvantages.

There is of course the issue with awkwardness of working with someone on notice, but it is not really as big a concern as people think. Most lay-offs I've witnessed the people are on good terms with the manager and their co-workers, the decision came from higher up based on profitability/strategic changes. In those cases people tend to just do their job, of course not with great enthusiasm but still. Of course, it's something completely different if you were personally fired for negligence/incompetence/abusive behavior but I haven't been involved in any such process. In those cases they're either put on (paid) suspension or get themselves a sick notice (mostly to avoid the stain on their record). Which might sound niee, but good luck on getting your next job...

Re:

[houghi (78078)]

And the primary reason is that the notice period is much longer. Most jobs have three months notice period, and I don't think any company could afford to just send you home.

In Belgium the standard that you need to stay is three months. If you quit yourself it is six weeks. However it depends very much on the situation and the job. I have seen people having to leave the company immidiatly. However they will get payed for the next three months (almost four if it happens at the beginning of the month) and can

Re:

[TobascoKid (82629)]

Actually, it does happen in the EU (or at least the UK). Where I work, if you're in the IT department (and more specifically if you have administrator access) you don't have to serve your notice period, even if you're resigning (one of my old bosses got so fed up with things, he quit the day he came back from holiday - he was out the door on 3 months salary before I even turned up to work). Same thing with one of my former colleagues last year, he found a better job and got 3 months worth of pay free. Why t

Re:

[Octorian (14086)]

I think it really depends on the workplace. Only once did I ever have a co-worker terminated for cause, and he was escorted out the door. Every other time, whether leaving by choice or due to layoff, they've let the person work even after knowing that they're leaving (and this is at more than one employer. I've also never seen anyone abuse this. Of course, I'm used to working in an environment where people do have to transition and complete things before leaving the job, and where people tend to care ab

Re:

[1u3hr (530656)]

Not very clever, because getting an email that you've been fired isn't something you forget about. When you follow it up you find it's bogus, and everyone is alerted. What's the point of a keylogger if it's removed immediately? You want a keylogger to be installed without anyone the wiser so it can leech information.

Hah!

[Mark_MF-WN (678030)]

Hilarious!

Evil too, of course, and I wouldn't be particularly sad if those responsible were raped to death by manatees. But still pretty fucking hilarious.

Re:

[ajs318 (655362)]

This would only ever happen in the USA.

In the UK, the law still protects a person's right to earn an honest living (because it's generally better for all concerned than if they were earning a dishonest one). One of its consequences is that in cases of severe debt, anything considered a tool of your trade cannot be seized by bailiffs. Another is that you can only be fired without notice (at least one payment cycle i.e. month, fortnight or week depending how often you get paid) in cases of gross miscon

Re:

[ronanbear (924575)]

In the UK they use text messages instead.

http://www.wsws.org/articles/2003/jun2003/tag-j09. shtml [wsws.org]

It was a law firm that specialised in small litigation, especially personal injuries.

Re:

[arivanov (12034)]

Yep. We all remember that classic gem. It made the prime time news at the time, just to be followed by many others which never did.

IMO this pink-slip-by-email scam would have been more likely to work in the UK because in the UK you are not walked off the premises by security before you see your pink slip. At the same time procedurally, the UK has the least safeguards and least number of formalities for firing a worker in all EU. So in the UK the likelihood of people taking this fake email pink slip at face

Re:

[orasio (188021)]

Hilarious!

Evil too, of course, and I wouldn't be particularly sad if those responsible were raped to death by manatees. But still pretty fucking hilarious.

This would only ever happen in the USA.

I don't think so.

Source: Wikipedia
http://en.wikipedia.org/wiki/Manatee [wikipedia.org]


Manatees inhabit the shallow, marshy coastal areas and rivers of the Caribbean Sea and the Gulf of Mexico (T. manatus, West Indian manatee), the Amazon basin (T. inunguis, Amazonian manatee), and West Africa (T. senegalensis, African manatee).

Self-fulfilling prophecy

[Kris_J (10111)]

And those who did> click on the link and introduced a trojan into the network were fired.

(Not really.)

pwned via email- AGAIN!

[rts008 (812749)]

Cornered....like a rat...danger at every turn!

Darwin's List seems assured of a good genetic pool to recruit candidates from.

And which side of the pool is reserved for

[Travoltus (110240)]

phishers, especially when they get caught, tried, convicted and imprisoned?

Keyloggers do transmit to certain IP addresses.

Re:

[jrockway (229604)]

> Keyloggers do transmit to certain IP addresses.

Yes, to public IRC channels.

Re:

[Vlad_the_Inhaler (32958)]

A limited number of employees were targeted. Were their email addresses public? If not then it should not be *that* difficult to find out who was behind this. Either an employee (on or off the target list) or someone else reasonably close to the hospital in question.

I love you... you love me... please bugger off...

[creimer (824291)]

My favorite virus email was the "I Love You" virus. Since I worked for a French company at the time, the entire executive staff triggered the virus and the entire company got spammed by it. That was funny since you got emails from the CEO that he loved you. But the cure hurted more when it kicked in. For every email that was deleted from the server, Norton sent out a notification email that the email was deleted. The network grind to a halt because of the notification emails instead of the actual virus emai

Re:I love you... you love me... please bugger off.

[rassie (452841)]

Since I worked for a French company at the time, the entire executive staff triggered the virus and the entire company got spammed by it.

I have to ask: why is it relevant that the company was French, and in what way do you think that the fact, that it was French, make the executive staff more likely to trigger the virus?

Note: English is my third language, and I may just not have understood that particular sentence correctly. Also, I am not French or from anywhere closely associated with France, so my questi

Re:

[mgblst (80109)]

Because the French are such a loving people.

Re:

[creimer (824291)]

Different time zones. My office was located in the Pacific Time Zone and France is on the other side of the Eastern Time Zone. So the virus was in full swing by the time my co-workers got into the office. Besides, French or not, the executive management team has always been clueless and/or loveless. :)

Re:

[creimer (824291)]

More like suffocated from all that French love. :P

Easiest Way To Confirm a Layoff Rumor

[christoofar (451967)]

Step 1. Date or make friends with someone in HR systems who runs the Peoplesoft/Oracle/SAP HR system. Help them out with database work (like complex batch jobs).
Step 2. Pay attention to the kinds of queries they need help with.
Step 3. If they begin compiling seniority studies / benefits calculations for projections IN THE FUTURE (red flag!) or estimate retirement dates if your company has a defined pension benefit, see step 4.

Step 4. Put up resume on dice.com and start "disappearing" during lunch to return headhunter phone calls.

Simply ignore it

[Tweekster (949766)]

I would not accept being fired by some nonconfrontational method like this.

Just pretend you never got it. and ignore it, go about your day. Apparently the boss is already too much of a pussy as to actually fire you in the fire place, so what is the chance he will say anything. Hell come back the next day, then cause a small scene making them look like idiots.

THey are afraid of confrontation, make that fear a realization (in a calm way, but put it all on them)

Re:

[mark-t (151149)]

I knew someone who was fired where his boss left the message on his answering machine.

He showed up at work the next day like nothing had happened.

Turned out that he knew the labour code required the employer to pay him a minimal length shift (4 hours) just for showing up, even though he was sent home right away, as the employer could not prove that the employee had ever received the message that he was not supposed to come in.

The moral of the story is that if you are going to let someone go, don't re

Re:

[1u3hr (530656)]

The moral of the story is that if you are going to let someone go, don't rely on _any_ sort of message conveyance system to deliver the message, talk directly to the employee.

Conversely, when I quit my job, after a long period of money disputes, I really didn't want a face-to-face confrontation, but I did need a clear record of exactly when I had left and why, for later hearing at the Labour Tribunal when I was extracting my unpaid salary and banefits. I left a letter on my desk after faxing it to the bos

Re:

[dbolger (161340)]

Just pretend you never got it. and ignore it, go about your day. Apparently the boss is already too much of a pussy as to actually fire you in the fire place, so what is the chance he will say anything.

Yeah but what happens when they take your red swingline stapler?

--
Dave

Re:

[volpe (58112)]

The phrase "more better" is acceptable English.

Says who?

Re:

[SydShamino (547793)]

Just pretend you never got it. and ignore it, go about your day. Apparently the boss is already too much of a pussy as to actually fire you in the fire place, so what is the chance he will say anything.

And if your boss does come by to fire you in person, just make sure you're eating a big bowl of crunchy cereal. You can smile and nod, and then go back to work, and eventually upper management will notice and give you a promotion + commendation.

But

[kahrytan (913147)]

But does the keylogger work on Linux?

Score another one for stupidity

[iamacat (583406)]

This kind of stories will end with really stiff laws and high-profile enforcement. Hacking also used to be a harmless pastime of C.Sci students until a bunch of assholes caused real damage. Spammers should just stick with their p3n1s 3nlargm3nt creams and continue to enjoy their status as a pests, but not real villains.

Digital Signatures

[RAMMS+EIN (578166)]

If only people used digital signatures, impersonating senders would be a lot harder.

Blind clicking

[tttonyyy (726776)]

OK, so who clicked the "unwittingly downloaded a keylogger program" link in the article without having second thoughts?

A double whammy for the phishers if it linked to the keylogger infected file in question. ;)

Credible?

[octalman (169480)]

Yeah, I got one of these too. Since I've been self-employed for over 23 years, it looks like I would have already heard about this layoff. Sigh. I'm always the last to know!

SMTP Gateway

[fdiskne1 (219834)]

Their SMTP gateway should have detected a server outside of their network was trying to send a message with an internal email address as the sender and blocked it. It never would have worked in my company. Plus if someone in my company received a message like this which would have had an external email address as a sender, someone would have called me right away. I then would have blocked the site, blocked similar emails, seen who was sent a similar message and spoke with them to find out who visited the si

Spam != Phishing

[Gothmolly (148874)]

Its a phish attack, not spam.

Re:

[jb.hl.com (782137)]

That's the most pointless obfuscation of a company name I've ever seen.

Sorry. How many other tech company names end with "ntel"?

Re:

[jimicus (737525)]

WHY don't all these moron CTO's and VP's of IS get their asses canned, paying MS for their shit?

Because they're infinitely more likely to get sacked for refusing to provide & support a platform on which the company can run the software it feels it needs to than they are to get sacked for providing it and it so happens that it's not terribly secure.

Business drives IT, not the other way around.

Besides which, with a suitably locked-down network and a suitably paranoid mail relay, it's not really a problem.

Re:

[glomph (2644)]

And if everybody ran 10 miles before breakfast, we'd all be unbelievably fit! WTF is your point? Get back on your knees, Bill is not a patient man.

Re:

[CmdrGravy (645153)]

Subjects lines like this would work well too:

Subject: Newsletter: Pay Freeze Continues. Inside, managements weekend on-board the companies new Luxury yacht.

Body: Click here to view the photos and eye witness accounts of the tragic sinking of the company yacht in force 10 gales off the Cornish coast. 5 still missing, presumed dead. RNLI claims lack of planning, insufficient investment in crucial safety equipment and communication difficulties with the Azerbajani crew to blame.

Re:

[shrdlu (42466)]

Normally I don't care, but I'd like to know how the parent is a "Troll" here?

How do you go about "unwittingly downloaded a keylogger program"? Even if you run Win OS and use IE at default settings it takes unpatched exploit and/or click of OK. After that keylogger needs to get past firewall to ring home to be of any use. So can someone explain how this can happen on a properly maintained computer?

The people who downloaded it were upset, and certainly not as aware as they should be. The firewall issue is sep

Re:

[petermgreen (876956)]

In XP there is an option in display properties, pretty sure that is at least five clicks though (maybe more, i can't remember if the option is visible immediately you click on the correct tab or not).