What started out as an in-house phishing security test at an airbase in Guam has gone viral. According to a Networkworld article, what was meant to be a local test of Air Force security against phishing e-mails led to the story being released to the public and spread like fire.
Airman apparently spread the false information to their friends that DreamWorks was looking for 20 people from Anderson Air Force base to be extras in the next Transformers movie.
This type of in-house phishing exercise is a routine occurrence in the military and in major corporations, and is generally seen as a good way of promoting security awareness. But in Andersen’s case, the information in the phishing e-mail started leaking to the civilian world.
“Unfortunately, many of Andersen’s personnel responded to this inject and submitted their personal information to the Web site, and forwarded the information outside of Andersen,” the Air Force base said in a statement.
Okay, I can see how this happened. You have young guys at the Air base thinking this is their chance to be a star. This was a good test. Phishing attacks can be very devious. What I am amazed by is that a short while ago people fell for a real phishing attack that said that North Korea nuked Okinawa.
Just as a reminder, do not give out your personal information to unknown websites. Also, do not click on links in unsolicited e-mails. You also need to be extra careful now with e-mails that you think you have signed up for. Hackers are spoofing e-mails that look like they are from name brand sites, with logos and everything. Clicking on a link in the e-mail takes you to a malware site. It is always best to go to the website manually to see if that deal that is too good to be true really is.