Esteemed military bank, USAA was recently targeted by an email phishing scam. Thankfully, USAA has an incredible security team, who discovered it and warned their members before anything happened. Details of the email can be found on their site.

And it’s spreading fast! The email is short, cheesy and semi-Engrish, but nonetheless contains a password stealer that is instantly activated once you open it. The password stealer may grab more than just your Facebook credentials, so please do not open this email. The email itself has the following elements:

From: help@facebook.com
Subject: Facebook Password Reset Confirmation Customer Support
Email Body: Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
Your Facebook

You can tell from reading the email, that the grammar is atrocious, the subject line is overly long and somewhat contradictory (you wouldn’t confirm something the user hasn’t done yet), and customer support would not be in charge of an email server operation. The opening, “Dear user of facebook” is clearly not how Facebook would address you. It would have your name, and if they did reference themselves, they would certainly capitalize Facebook. And ending with “Your Facebook?” Please.

More details on All Facebook.

Which One Are You?

The Attention Whore:
Attention Whores are most commonly found on social networks that allow numerous photo uploads: MySpace, Facebook, Flickr, TwitPic et al. Typically teenage girls (and boys) who have no shame in posing half or fully naked in their messy bedrooms, with pouty lip poses and too much mascara. They will be informed on the next job interview that their likeness appeared on the cover of a GGW video

The Over Sharer:
The Over Sharer has no understanding of “TMI”. Their profiles have far too much personal data: from their cell numbers to their home address to their last bowel movement to links to their family tree on Ancestry.com. In short, everything needed for identity theft! These are people stupid enough to post their personal data over Twitter because, “I only have 16 followers and I know all of them.” The Over Sharer will suffer identity theft twice in one year.

The Snitch:
The Snitch is the company douchebag. He (and it’s usually a he) feels compelled to leak company intel such as layoffs, pitches and new product releases to industry blogs and forums. No one knows what drives this dirtbag to destroy the job security of his coworkers, nor why he does it. There is no fame (tips are anonymous) and no pay. If you’re going to screw your company over, at least have the smarts to get paid for it! This type is easily caught by IT despite the Snitch’s clearing his browser cache. Alas, he forgot to remove his IM logs.

The Plugin Nazi:
“OMG, you must get this plugin!” This type downloads every blog plugin known to mankind, beta or official, tested or not. No review is too unfavorable to dissuade this dolt from installing the latest. Sadly, installing the latest does not include security plugins. They just “don’t make your blog look cool.” The Snitch blames his constant MySQL errors on “the hackers” when it’s more likely just incompatible plugins.

The “Spook”:
The Spook is not really in any sort of intel group, nor has s/he ever worked for any government agencies requiring any sort of clearance. But the Spook wants you to believe s/he has top security clearance. In fact, the Spook cannot resist letting you know that they know something you don’t know, but they can’t tell you why or how they know what they know. You know? Spooks are basically liars that can rapidly be exposed by anyone really in the industry with a few standard questions. Eventually, the Spook will lie on the wrong forum and get taken out by the real spooks.

The Skeptic:
The Skeptic is the sort of person who basically never worries about security. Nothing bad can ever happen to them: their password is secure and besides: they have a great security question! No one knows their dog’s name. Except their friends on Dogster. And maybe their 973 Facebook friends. But besides that, no one knows. The Skeptic will be the sole person in their hometown made an example of by the RIAA for downloading one song illegally.

The Forwarder:
The aunt or mother who forwards you every chain letter email, every reforwarded joke , every “wait for it and scroll down” message. The Forwarder has no concept of scams, has never been to Snopes.com and can’t wait to send you the next good luck email that you must respond to in 24 hours, lest you suffer a broken leg and seven year’s bad luck. Worse than this person’s inability to strip out other forwards from an email, is this person’s gullibility. The Forwarder will disappear one day, only to be found dead in Nigeria after looking for the reward from a certain prince they shared an account with.

Which personality type are you?