Phish Spam (bleurgh)
June 7, 2013 5:30 PM   Subscribe

Twice this week, I've fallen for spam emails. Have I compromised my security? Will I die?

In a double whammy of stupidity I've fallen for a pair of dubious emails within the same week.

The first email directed me to a site selling diet pills or some such. I quit the browser immediately and thought nothing of it.

The second was a direct message from a twitter follower. Feeling rather honoured to have received an invitation to look at her site, I took the bait and was sent to a page containing some not unpleasant photographs of the anatomical variety. On this occasion, I stayed for a little while and clicked a couple of 'hot' and 'not' buttons before common sense kicked in.

No personal information was entered on either occasion. I was using Chrome under OSX 10.6.

So what's the worst that could happen? Will my bank account be drained? Do I need to change my passwords? Wipe my drives and reinstall everything from scratch?
posted by popcassady to Computers & Internet (5 answers total)
Nothing bad will befall you, especially using Chrome on OSX. If you were using Internet Explorer on an unpatched Windows XP install, there might be reason to be worried. As it is, you've escaped the darker parts of the Web unscathed.
posted by killdevil at 5:38 PM on June 7, 2013

I have 20+ years administering and supporting macs. I can say you're safe with a nearly 101% certainty. Put it this way, if you're not, you'll be famous.

Your twitter friend on the other hand needs to start changing her password.

I often deliberately go to these sites because I have a fascination for the design and the language used on them (and the methods to drive traffic toward them). I do this on my mac and have never had a problem.

I do not so this on my Windows boxes.
posted by cjorgensen at 6:19 PM on June 7, 2013

In short, if you didn't download anything, didn't give away personal info, nor inputted an admin password you are safe. Some people may come along with scare scenarios, but I yawn in their direction.
posted by cjorgensen at 6:20 PM on June 7, 2013

I agree with the others, in that unless you're the sort of person likely to attract targeted hacking attempts, it's almost certain that you'll see very little in the way of adverse consequences from clicking on those links.

However, it's not uncommon for the links in spam to contain "referral codes" that allow the spammer to identify the e-mail addresses that successfully produced visits to advertised sites. This might result in your e-mail address getting added to a "sucker list". The spammer might target you more intensely for awhile. These lists are sometimes sold or traded so you may also receive a greater amount of unsolicited e-mail from other spammers in the future as well (sometimes the spammers even manage to sell their old lists to otherwise respectable, but naive companies, as a list of "leads").

It's very unlikely, but in the worst case, these sucker lists sometimes end up in the hands of hackers who value them because individuals who end up on these lists often have poor passwords. So a hacker will buy or otherwise obtain a sucker list, and then using the e-mail addresses from the list, try e-mail address/common password combinations at internet vendors, hoping to gain access to an account with a credit card on file. The fact that you're even asking this question means you're unlikely to have the sort of very weak password that makes that attack feasible.

So my advice would be to make sure you're not using an easy to guess password at any internet vendor that you used the e-mail address in question as your account name. Of course, it's good practice to avoid weak passwords everywhere.
posted by RichardP at 6:55 PM on June 7, 2013

Best answer: I wouldn't worry at all about these incidents.

That said: yes, you are going to die.
posted by pompomtom at 7:30 PM on June 7, 2013 [15 favorites]

« Older It's permanent, so it better be accurate!   |   Identify this food-related object + recipe request Newer »
This thread is closed to new comments.