Army Sets Up Phishing Scam To See How Gullible Service Members Are

from the and-here's-the-list-of-folks-not-to-give-sensitive-info-to dept

Well, since Japan leaked nuclear secrets via a P2P site, perhaps it’s nice to know that our military runs its own phishing tests to see how gullible service members are. Slashdot points us to the news that the Army ran its own phishing scam, emailing members with an offer for free tickets to theme parks if they just went to a website and filled in certain information. The test itself was set up by the U.S Army Intelligence and Security Command (INSCOM) and U.S. Army Network Enterprise Technology Command (NETCOM) — and it involved a “fake” website supposedly from Army Family and Morale, Welfare and Recreation Command (Family and MWR). Amusingly, it appears that INSCOM and NETCOM didn’t bother to tell the folks at Family and MWR that they were conducting this test, so the group had rushed out an announcement warning people away from the fake site, only to later be clued in by the security folks. Oh well, it still seems better than using Dungeons & Dragons as a test of whether army members are security risks.

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Army Sets Up Phishing Scam To See How Gullible Service Members Are”

Subscribe: RSS Leave a comment
Andrew says:

waste? no, not really.

Isn’t this exactly what they were testing? A real phishing site would try to fake an actual site to get data – and one would hope it would get no data exactly this way. That Family/MWR responded with an alert is exactly how it should work. Don’t complain that they didn’t get data, praise the whole system that they didn’t.

Well done, Army!

Anonymous Coward says:

Re: waste? no, not really.

Isn’t this exactly what they were testing?

No. They intended to test the recipients of the e-mails, not Family/MWR.

Well done, Army!

A screwed up test and you say “well done”? The army should be insulted that you think they need praise even when they screw up as if though they couldn’t meet any higher standard.

y8 says:

waste of money?

This is definately not a waste of money. How much money do you think it would cost to have an investigation into how some information go leaked? Many companies are proactive about security in similar ways. You didn’t think anyone in the government came up with this idea on their own did you?

The test may not have given the results that they were looking for, but having a preconceived notion of results is completely against the scientific method anyhow.

In the end there were significant results and probably a good lesson learned. That sounds like a success story to me.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...