From the Wired Campus Blog (this one has had some good stuff!), 2 Indiana University grad students did a research study on privacy and the public sphere. Using public information, they sent customized emails to students that appeared to be from their friends directing them to a website which required authentication. Once there they authenticated with their IU logins — oops!
I find this so informative/educational for people. We always try to tell our faculty, staff, and students don’t believe the From and don’t click on web links in emails (especially if you’re not expecting them!). I was amazed to read that the students did go through their IRB — Human Subjects Committee — process. People just trust email too much.
Leave a Reply