More Tales From the (Unen)Crypt

by Reg Harnish, Grey Castle Security

You just can’t make this stuff up.

Last week I received the following text message from an unknown number: “I received check. Thank you. Alice“.

A quick bit of research revealed that the number came from a woman (OK, I made some assumptions on the “Alice” part) who owns a flower shop in a small town in Florida.

They offer a full line of floral favorites, houseplants and perennials, and they also accept Visa, MasterCard and PayPal. The web site doesn’t say anything about accepting personal checks but apparently they’re cool with that, too.

I sat on the text for over an hour, as various scenarios piled up in my mind. I couldn’t help but wonder how security-conscious Alice was. Now that she had opened the door, I wanted to walk through and see what was on the other side.

My curiosity was piquing. Was Alice from Wonderland, carrying a big, nasty broom, and sweeping out all that would dare trespass on PII? Or was she just another careless merchant exposing helpless customers’ personal data?

I couldn’t help myself.

Hi Alice. I don’t remember which acct I used can you resend the routing and acct number.

We would soon find out.

Like all disasters, you prepare for the worst and hope for the best. We all want to believe in human beings’ natural sense of good, to protect our own and to want the best for others. We are the only species on the planet that has been gifted with morality, a true sense of right and wrong. We are truly blessed.

Over two hours had passed and I felt strong. In a world where security breaches, fraud and cybercrime were the norm, Alice was a beacon of hope. A shining example of what was right in this sordid world where so much has gone wrong. Alice, a frail, aging shopkeeper would show us what fortitude, diligence and a sense of righteousness truly means. If Alice could do it, anyo (bzzzzzt)…

021000322 XXXXXXXXXXXX XXXX

Don’t buy flowers in Florida.

Reg Harnish is Founder and Chief Security Strategist of Grey Castle Security. He will be speaking on Social Engineering at the 2012 IBA Technology Conference, October 23-24 in West Des Moines.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s