Army Sets Up Phishing Scam To See How Gullible Service Members Are

from the and-here's-the-list-of-folks-not-to-give-sensitive-info-to dept

Well, since Japan leaked nuclear secrets via a P2P site, perhaps it's nice to know that our military runs its own phishing tests to see how gullible service members are. Slashdot points us to the news that the Army ran its own phishing scam, emailing members with an offer for free tickets to theme parks if they just went to a website and filled in certain information. The test itself was set up by the U.S Army Intelligence and Security Command (INSCOM) and U.S. Army Network Enterprise Technology Command (NETCOM) -- and it involved a "fake" website supposedly from Army Family and Morale, Welfare and Recreation Command (Family and MWR). Amusingly, it appears that INSCOM and NETCOM didn't bother to tell the folks at Family and MWR that they were conducting this test, so the group had rushed out an announcement warning people away from the fake site, only to later be clued in by the security folks. Oh well, it still seems better than using Dungeons & Dragons as a test of whether army members are security risks.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Eric Zakrajsek, Apr 4th, 2008 @ 12:31am

    Army huh?

    My congressman will get a strongly worded letter with pareto chart and venn diagrams contrasting bullshit to taxpayer monetary responsibility tomorrow.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Erik Ellison, Apr 4th, 2008 @ 1:09am

    I know they were trying to test individual soldiers out with this but wouldn't they say that Family and MWR passed with flying colors? If the right hand didn't know what the left was doing and moved immediately to warn people I would say that is a success.

    Again I admit it wasn't what they we're trying to test.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Novernetsbandit, Apr 4th, 2008 @ 1:14am

    how much did this cost?

    How much of money was wasted on this idea? Can i have a government contract to waste... come on!

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Michael G, Apr 4th, 2008 @ 2:13am

    To Eric Z...

    As if your congressman is smart enough to understand. They really aren't the sharpest pencils in the box, thats why they got into government to begin with, industry wouldn't have them. And then there's George Bush.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Andrew, Apr 4th, 2008 @ 5:10am

    waste? no, not really.

    Isn't this exactly what they were testing? A real phishing site would try to fake an actual site to get data - and one would hope it would get no data exactly this way. That Family/MWR responded with an alert is exactly how it should work. Don't complain that they didn't get data, praise the whole system that they didn't.

    Well done, Army!

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    y8, Apr 4th, 2008 @ 6:00am

    waste of money?

    This is definately not a waste of money. How much money do you think it would cost to have an investigation into how some information go leaked? Many companies are proactive about security in similar ways. You didn't think anyone in the government came up with this idea on their own did you?

    The test may not have given the results that they were looking for, but having a preconceived notion of results is completely against the scientific method anyhow.

    In the end there were significant results and probably a good lesson learned. That sounds like a success story to me.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Dave, Apr 4th, 2008 @ 6:27am

    Gullible?

    Of course they're gullible... they believed the advertising for joining the military in the first place!

    *ducks and covers*

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Overcast, Apr 4th, 2008 @ 6:32am

    Do the same for politicians - I bet you get more of them that fall for it..

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Overcast, Apr 4th, 2008 @ 6:34am

    Oh and.. of course, theme park tickets wouldn't work with politicians - but put up tickets for free hookers or booze, and watch the hit counter fly.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    It Wasnt me, Apr 4th, 2008 @ 6:45am

    well at least this shows that MWR are taking care of business like its supposed to be done.

    no comment about other two the over zealous groups

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Leo, Apr 4th, 2008 @ 8:10am

    Re: how much did this cost?

    Truthfull it cost $0 all it take is for the army to use one of thier existing webserver and add a domain to it and the email it's military members....... so stop whining about tax dollars....the military using your tac dollars else where

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Squee, Apr 4th, 2008 @ 8:21am

    What the hell is Techdirt using another site that summerises the news to get its news? Why dont they atleast go out and use the sources that /. used and claim it as your own. Talk about third hand news....

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    PidlyDink, Apr 4th, 2008 @ 9:45am

    While you're at it

    Can you set up a Phishing Scam to see how gullible Congress is? I'd pitch in a couple bucks!

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Boomer Sooner, Apr 4th, 2008 @ 12:49pm

    And these are the people that are commanding our brave brothers and sisters in war? No wonder so many of our family members have died. We should get Stalin in to 'shake' up the military and start over again.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Apr 4th, 2008 @ 4:29pm

    Re: waste? no, not really.

    Isn't this exactly what they were testing?

    No. They intended to test the recipients of the e-mails, not Family/MWR.

    Well done, Army!

    A screwed up test and you say "well done"? The army should be insulted that you think they need praise even when they screw up as if though they couldn't meet any higher standard.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Iron Chef, Apr 5th, 2008 @ 1:30am

    Call me old fashoned but...

    I remain curious... Is there a better way to allocate these smart folks to other efforts?

    It just seems wasteful to have the same activity run 3 times over by 3 separate groups.

    Heh.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This