by Michael Seese
It's been a while since I've posted anything in the infosec or BCP space. I've been a tad preoccupied of late with that whole "author thing." But just like rainstorms bring out the earthworms, calamities bring out the cockroaches. And with the Coronavirus scare / hoopla taking over EVERYTHING, I'm sure the email below is the first of many con jobs I'll see. So I thought it would be a good idea to hold class again on SPAM Detection 101.
Of course, this lame attempt at SPAM is so funny, it's almost beyond belief. There are so many things wrong with it. (In fact there should be a contest. See if you can find any obvious holes that I missed, and post them as comments.)
And, yes, I realize that the image may intrude on the standard blog info to the right. But I wanted you to be able to read it.
First and foremost, it's an easy Google search to confirm there's nobody named John Blair who plays in the NFL.
First-and-a-half, if he's 20, he's probably not IN the NFL. And unless he was a coveted high draft pick (see point #1) he's not worth $4.6 million.
Second, he's American. I'm American. Why does he feel compelled to specify USD?
Third, if he accessing his email, offering his largess to a random stranger, I'm gonna go out on a limb and say he's probably not in the ICU and dying.
Third-and-a-half, if I only had a "couple of days left," I'm not sure I'd take "a little time to make up my mind."
Those are just a few of things I just see when I read emails like this. But it's second nature to me. I share this because it might not be second nature to everyone.
How about y'all? Anything else I missed, aside from bad grammar? (But, hey, he's an NFL player.... right?)
If you're looking for tips on how to avoid SPAM and myriad other infosec gotchas, pick up a copy of Scrappy Information Security.