Army Runs Fake Spam Site
Over 10,000 soldiers, civilians, and military family members with .mil email extensions were duped by a bizarre, security exercise conducted by the Army on Sunday. The exercise set out to test susceptibility to phishing - attempts to fraudulently acquire sensitive information, such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic medium.
To conduct the exercise, the Army Computer Emergency Response Team sent e-mails promising free tickets to area theme parks which linked to a website posing as the site for the Family and Morale, Welfare and Recreation Command (FMWRC) - a real military family support organization. The only problem was, no one bothered to tell the organization that their name was being used to conduct the exercise. Oops!