You know how you're not supposed to give your personal information to random people you meet on the Internet? Well, 75% of IT workers and hackers did just that, when researchers posed as the sexy lady above.
According to MSNBC, Sabina Datcu of the security company Bitdefender selected 50 hackers and 50 IT pros, then contacted them online with a fake profile she tailored to their interests. The profile was always a 25-year-old woman, and her "photo" (actually the drawing above) remained the same, but for the hackers she was interested in hacking and "trying new things," whereas for the IT folks she was into "security." In both cases, her interlocutors started out more concerned about security than the average person, but they soon gave up personal information about themselves. 75% of IT people and 69% of hackers gave up their addresses; 84% and 78%, respectively, gave their phone numbers. 81% and 77% revealed their mothers' names, while 97% and 94%, respectively, gave information about their kids. All these tidbits could be very useful in answering security questions and guessing passwords, as the computer-savvy subjets probably would've realized if they'd thought about it. But even more shockingly, 13% of IT pros and 7% of hackers gave their new lady-friend their actual passwords. Says Datcu,
No matter what "side of the fence" they are on, people will behave the same: as though the virtual environment creates a second life, entirely different from the real one — they are willing not only to accept unknown persons inside their group just based on a nice profile, but also to reveal sensitive information (about their company, themselves and other persons) after a short online conversation.
It's tempting to say that guys will give up their secrets to a pretty lady, but Datcu didn't break down her targets by gender. Really, what she found was that even people who should be very concerned with online security are quick to trust people who chat with them a bit about their interests. In a way, this is nice — the Internet breeds so much discord that it's encouraging to hear it can also inspire camaraderie. But this camaraderie can be dangerous if it means giving up your password, and everybody should be wary of overly curious "friends" they meet online.