Ask Internet users what they hate more than anything else online, and invariably the answer will be spam.
I get more spam than most, and I just hit the Junk button for most of it. But when spam comes in with my real name attached, then I give the spammer a few minutes of extra attention. Usually this results in their web hosting and advertising accounts being canceled.
In the case of a spam I received Monday, it might result in someone losing his cushy federal government job.
It appears that on Monday morning someone at the Overseas Security Advisory Council came into work early, and by early I mean six in the morning, sat down at workstation “dsi200w2k3a41,” and started sending spam. The spam is typical of get rich quick schemes, advertising a Web site I won’t link to that wants $44.95 for a copy of the same web site and the ability to send 1,000,000 more spam messages per day — or 2,500,000 per hour, depending on which piece of hype you believe — to rake in $44.95 from hapless Internet users from the buyer’s copy of the site, and so on.
I don’t know what the penalties are, if any, for a federal government employee sending spam from a government computer, but I’m sure there’s a rule somewhere that covers it.
It’s possible that instead of this being an employee actively sending spam from his office computer, that it is instead a Trojan of some kind installed on the workstation sending spam. Though this raises the question of how did such a Trojan get there? Did someone put it there or were the IT staff asleep at the switch?
I contacted OSAC Monday morning and have so far received no response.
OSAC, part of the State Department’s Bureau of Diplomatic Security, exists “to promote security cooperation between American business and private sector interests worldwide and the U.S. Department of State,” according to its Web site. OSAC should start promoting security on its own internal network.