Secret CIO

Secret CIO is dealing with the threat from the Lads from Lagos.

  • E-Mail
By  Secret CIO Published  May 18, 2008

Secret CIO is dealing with the threat from the Lads from Lagos.

"I think I have a... thingy. You know, a bug.

Not the most encouraging start to a conversation with one's CEO, but I decide to play along: "Well, have you been to a doctor?"

"What? No, not that kind of bug - a computer bug, a virus thingy."

Suddenly all becomes clear. "Ok," I sigh, "let's take a look..."

Contrary to stereotypes, my CEO is actually a relatively computer-savvy individual, who at the minimum knows that a) malware exists and is a real risk, and b) anti-virus and spyware programs are necessary. He is also a fairly rational and reasonable person, not given to moments of panic - but even reasonable people can get taken in.

"I think it's one of those spear-phishing attacks - you know, the ones where they target specific people..." says the CEO, fretting. "I saw this, and I thought it was from our lawyers, and then I looked again, and I started to worry, and..."

And so the panic grows.

It turns out that this particular e-mail is actually from our lawyers - albeit from a new employee with an unfamiliar name and a shaky approach to the English language, an unfortunate combination in the circumstances.

My CEO's mind, filled with recent stories about targeted phishing attacks on global CEOs - also amusingly known as ‘whaling' - went into worry mode, perhaps understandably.

While I'd rather not spend my days chasing down false alarms from my senior management, on the whole I would prefer to do this than deal with the aftermath of a successful attack or malware infestation - something which colleagues in other companies apparently have to deal with on a regular basis, as a result of their senior management's blundering online activities.

I do find it ironic, though, that while I have one of the few CEOs in the world clued up enough to spot potential phishing letters, I also have one of the few teenage sons in the world who is NOT clued up about online risks.

Indeed, the Brat's machine at home is now so riddled with adware, spyware, Trojans, worms and viruses that were supposed to have died out years ago, that I've considered donating it to a museum - as the archetypal ‘Worst Case Scenario'.

"But aren't you worried about people getting your personal details?"

"Nah."

That's his entire response: nah. "But if identity thieves get this address..."

"Don't use this address. Use the school's one."

Hmmm. Maybe my son is smarter than he looks.

"Anyway, I always give mum's name and date of birth and stuff whenever I sign up for dodgy things.

Perhaps not - normality, it seems, has returned.

Luckily, She-who-must-be-obeyed and I long ago took the decision to make our pride and joy use our laptops - under supervision - for any online purchases, first out of fear about what he might do with unfettered credit card access, and now out of the absolute certainty that any financial details entered into our son's computer would be disseminated to a number of European criminal organisations within a maximum of five minutes. Given this, we decided not to worry.

On the other hand, though, there are occasions when I would dearly love to swap my son and my CEO. Or, frankly, my son and almost anyone else on the planet.

"Hey dad - can you advance me some of my birthday money?"

"What for?"

"Well, this guy e-mailed me, right, and he says he's got a load of cash from some dead general in Nigeria, but he needs to pay a fee to get it from the bank..."

"Son, please tell me you did not give this guy your name?"

"Nah, of course not."

Praise be, and hallelujah.

"I gave him yours.

Maybe I spoke too soon.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code