So I have been trying to educate my small business customers about safety of their IT investment and things like Social Engineering. I explain that hopefully many of the rank and file employees have figured out not to click on .exe file attachments that come with emails from senders that they never heard of (can you say ‘duh’?). Then I pose the question – what would you do with a USB Flash Drive that you found laying in the parking lot by your car – or in the hallway outside your office. By now they are on their toes and realize there is a message in this question. They also admit – that if I hadn’t brought up the subject of malicious emails they probably would have answered differently.
The day after having one of these conversations I returned to my office to go through the daily snail mail. In this mail I find what you see in this accompanying picture – with absolutely no correspondence or authenticating material. What a great idea – if you are one of the bad guys. It might cost a little more than the spam mail that they are sending us but just think about the returns!
And, what is really more to my point in writing this, I used to expect more from Microsoft than to produce such a sophomorish mailing. This is supposedly one of the leading IT companies in the world. You would think they would have had some way of communicating that this mailing was something to be trusted. Unfortunately, I am coming to learn that big doesn’t necessarily mean wise, and that they are more than capable of producing this and many more things like it.
– pause –
Actually I just did a desktop search and found an email from MARCH ’07 about a contest called “Growing Small Business Together” which offered a 512k USB Flash drive ‘loaded’ with stuff. I guess this is what I just received – with no written accompanying correspondence.