Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

When Webmasters Get Phished?

Cliff posted more than 9 years ago | from the gone-phishing dept.

The Internet 55

SirJorgelOfBorgel asks: "Many of us run webservers. Some of us just for fun - hosting many of the 'less important' stuff around on the web, others professionally. Though you always try to keep your webserver secure there's always the possibility you get hacked. What do you do, then?" You would think that, by doing the right thing and reporting the incident to the proper authorities, they would do the right thing and go after the hackers, right? This may not be the case. Here's a cautionary tale on what may happen if you follow that line of reasoning. The real question here is: what else could SirJorgelOfBorgel have done to make things turn out as he expected?"It happened to me a few months ago, and the hacker installed a phishing website. Of course I found that out within a few hours and removed it (and patched the used vulnerability). To be helpful, I packed the whole folder, relevant logs, etc, and sent them -- accompanied by a letter explaining what happened -- to the fraud reporting email address of the bank that was the target of the attempt. That's what we all would do, right?

To my surprise however, instead of them trying to found out who it was that made the attempt (an email address where the phished usernames/passwords were transmitted to was clearly visible in the source), they had me disconnected from the Internet and put on an ISP blacklist. Took me some cash and a lot of time to even get reconnected to the Internet. And there I thought they would be happy with this information.

In light of this, if you should ever notice a phishing attempt, would you still report it, knowing it might get yourself in a lot of trouble? I for one, probably won't.

Furthermore, though I know it is my own responsibility to make sure my PCs are well protected, would there be any legal action I should/could take to get reimbursed for my losses? (The bank is a US bank, I am not a US citizen.)"

cancel ×

55 comments

Sorry! There are no comments related to the filter you selected.

Waste of time... (1)

Saeed al-Sahaf (665390) | more than 9 years ago | (#13027892)

they had me disconnected from the internet and put on an ISP blacklist. The sad truth is that for the average person, it's just a waste of time to try to contact the proper authorities in cases like this. Most of the time, they will simply ignore you, so you have expanded time, energy, and perhaps money for absolutely nothing but aggravation. Delete and move on...

Re:Waste of time... (2, Funny)

The Clockwork Troll (655321) | more than 9 years ago | (#13028020)

If you have figured out a way to expand time, energy, and money, then I'd say the downtime was worth it and you'll make up your losses in short order.

Re:Waste of time... (0)

Anonymous Coward | more than 9 years ago | (#13028289)

Amazon has already patented that. Move along.

Re:Waste of time... (1)

macdaddy357 (582412) | more than 9 years ago | (#13028875)

It is simple actually. No "good deed" will go unpunished. Look out for number one. That bank's problem was not the webmaster's problem. Here is another example: If you go into a public restroom, and someone has trashed the place, do not point it out to management. They will only accuse you of doing it, so find another place to use the can.

Re:Waste of time... (0)

Anonymous Coward | more than 9 years ago | (#13029869)

Yea, I have been bitten trying to help someone out too. Take this site for instance:

http://www.biddingatauction.com/lotsearch.cfm [biddingatauction.com]

They have a SQL injection exploit available at the very page listed above. If you put some mal-formed requests in there, it will dump out a Coldfusion error (along with the full SQL statement they are using) Using some simple SQL commands, you could clear any of their tables, add rows to their tables, or change auction prices (sheesh) I made a nice long letter about it, showed them how to fix it, and documented exactly what was wrong. Guess what, its 6 months later, and it still vulnerable. (shrug) Oh well!

They sound justified (-1, Troll)

Karma Farmer (595141) | more than 9 years ago | (#13027893)

Sooo... someone used your webserver to defraud a bank. And, upon learning of this, some people at the bank took action to have your webserver removed from the net.

That sounds right, frankly. In fact, I wish it would happen more often. I really have very little sympathy for people who put insecure servers on the internet.

Re:They sound justified (2, Insightful)

Anonymous Coward | more than 9 years ago | (#13027945)

That's only right if in fact he had not already removed the phishers site. He was trying to do the bank a favor after having already cleaned up the mess on his end. He also claims to have provided them with everything the phisher site had including logs. This type of information can be invaluable in tracking down who/where the person originating the site was from and protecting anyone that was dumb enough to use the phishing site. Instead of taking note that the phising site was down and that this person had diligently done what he could they took a knee jerk reaction and had his site not only shut off by his ISP, but blacklisted. Those actions shouldn't have even been possible, and they certainly aren't right.

Re:They sound justified (0, Troll)

metalhed77 (250273) | more than 9 years ago | (#13027998)

Because your server is impervious 100% of the time right? And this could NEVER happen to you.

Re:They sound justified (0)

Anonymous Coward | more than 9 years ago | (#13028217)

No sympathy huh?
Post your server's IP address and lets see who's insecure.

Re:They sound justified (1)

frp001 (227227) | more than 9 years ago | (#13031992)

Errr.. Let me see... 127.0.0.1

Re:They sound justified (1)

cecille (583022) | more than 9 years ago | (#13033889)

I have very little symphathy for people who expect perfection of everyone and go around putting themselves on a high horse. Before you go around making rude comments about someone else's perceived shortcomings, I would like you to honestly state that your server has never gotten hacked, you've never had a computer virus or downloaded a piece of spyware, and never had any sort of computer security accident. I'd be willing to bet the the VAST majority of people on this website have had some peice of computer equipment compromised in some way. And while this isn't desirable, it is certainly understandable - we're not perfect. At some point, everyone is going to install some bad software, click on a bad attachment, forget to close something on their server, be a bit slow off the mark with the patches etc. Mistakes and accidents happen, and it doesn't necessarily mean that the person is stupid or a bad admin.

On a slightly different note, what if the poster was just learning about server administration? Would you be absolutely intolderant of mistakes made there too? Is there no room for a learning curve or do we now expect people to be all-knowing computer geniuses from birth? Tell me honestly that you've never before made a single error and then maybe you'll be allowed to make arrogant and rude remarks to people about how they're not good enough for your high standards.

So (-1, Troll)

Shaklee39 (694496) | more than 9 years ago | (#13027916)

What does phishing have to do with this? Or do you even know what that means?

Re:So (2, Funny)

orkysoft (93727) | more than 9 years ago | (#13027957)

The fact that the intruders put a phishing website on SirJorgelOfBorgel's machine, perhaps?

What does reading have to do with this? Or do you even know what that means?

Re:So (1)

NevermindPhreak (568683) | more than 9 years ago | (#13030939)

the webmaster did not get phished, as is the title of this article. a phishing site was put up in place of the website he administrates, when said website was hacked. maybe you should do a bit of that "reading" stuff you talk about. :-P

of course, the grandparent should really just let typos like that go. this is slashdot, after all.

Folder? (-1, Flamebait)

keesh (202812) | more than 9 years ago | (#13027938)

Folder? IMAP has folders. Filesystems have directories. Sounds to me like you ran IIS on a public-facing machine, in which case you deserve everything you got.

Re:Folder? (3, Interesting)

bluephone (200451) | more than 9 years ago | (#13028098)

I used to be all militant about that too. Then I realized it didn't really make any difference at all. MacOS always called them folders. With Windows 95, the MS world changed to that term too (albeit slowly). Frankly, it's a more accurate term for the metaphor, as a directory is a list, rather than a container. And it's faster and easier to say and type. The world changes. I decided to quit yelling at the tide.

For unix, "directory" is right. (1)

chl (247840) | more than 9 years ago | (#13028455)

In the unix world, "directory" is (was?) exactly the right word, since in the typical unix file system, a directory is just a list that matches inode numbers to names, just like the (phone) directory from which this metaphor is derived.

Of course, people may choose not to care.

chl

Re:For unix, "directory" is right. (3, Interesting)

bluephone (200451) | more than 9 years ago | (#13028955)

from a programming perspective, sure, it is correct. From a human perspective, it's sorely lacking. Most coders and/org *nix fans fail to recognize that the wider world of people think in human terms, not programming terms. This is another reason why the standard *nix method will not "take over the world". Maybe it's time the metaphor evolved. Yes, it's not an actual container, but it is a metaphorical container, therefore the directory term fails in the metaphor sense despite being technically correct from the programmatical metaphor.

We evolve. Join the club.

Re:For unix, "directory" is right. (1)

chl (247840) | more than 9 years ago | (#13029351)

Actually, I think it is also a useful metaphor in the human perspective. It is just a different metaphor than the one with the containers and I do not personally mind if people choose a different model to represent what is going on in that strange gray box. I could not even tell you if my coworkers use Folder or Directory.

chl

Re:For unix, "directory" is right. (1)

Tim C (15259) | more than 9 years ago | (#13032055)

I'd be surprised if any modern filesystem didn't work in more or less that way - eg a big list of filenames pointing to the actual locations of the start of the files on the disk.

But as the GP says, the users of the computer don't think of it that way. They think of putting/saving a file *in* the folder, not saving it on disk somewhere and adding the link to it to a given directory.

Re:Folder? (1)

eyeye (653962) | more than 9 years ago | (#13028178)

Dont read too much into it, sometimes i forget myself and call directories folders (and hope nobody notices ^_^ ).

Re:Folder? (1)

ultramkancool (827732) | more than 9 years ago | (#13028475)

I too call them back and forth (I was a dos (directory) then windows(folder) now unix(directory)). But most people don't care what you call them even on KDE 3.4 they call them folders. I prefer directory personaly.

Re:Folder? (1)

yuri benjamin (222127) | more than 8 years ago | (#13070448)

"Folder" rolls off the tongue more easily, being only 2 syllables as opposed to 4 syllables in "directory". OTOH, in written form when posting on *nix mailing lists, I shorten it to "dir" as in "How do I do XYZ to all the files in dir 'foo'?"

When telling my wife where I saved a document, I tell her what "folder" it's in because that's the metaphor her gui (kde) uses.
I remember some desktop gui I used back in the eighties used drawers rather than folders. Can't recall where I saw that.

Re:Folder? (0)

Anonymous Coward | more than 9 years ago | (#13028988)

I think that's a shitty attitude and so I've hacked your website at 127.0.0.1, asshole.

Re:Folder? (0)

Anonymous Coward | more than 9 years ago | (#13029169)

You bastard! That's my site, too!

Re:Folder? (3, Insightful)

xrayspx (13127) | more than 9 years ago | (#13028989)

Sounds to me like you ran IIS on a public-facing machine, in which case you deserve everything you got.

Yes, of course, everyone running IIS is completely incompetant. There is no good reason ever to run IIS. Everything you can do in .Net you can just as easily do in PHP or Perl.

I am a Unix guy, I don't run Windows on my personal machines. I don't run Windows on my (primary) work machines. I do, however, know that it is very possible to run a site of reasonable security on IIS.

Unix people (mainly noobs) with militant "you deserve what you get" attitudes are a serious detriment here. Plenty of OSS apps get badly hacked as well. Lately we've seen stats programs, and even freaking ZLIB expose remote code execution vulns.

I'm not saying "don't trust open apps", I'm saying "don't blanket condemn closed apps", especially when someone asks a simple question which deserves a simple answer. Show me where he says "I run IIS".

US Banks (5, Insightful)

SlackBastardNetworks (850208) | more than 9 years ago | (#13027991)

Having dealt with banks (and other industries) in the US many times in the past, I'd like to point out that the average bank has a limited IT department, and the people working there tend to be below par by Slashdot standards. Again, I'm talking about averages here, so keep the "i wok at bank weth fiv otur giys wee al expirts!!1!" flames to yourself.

That said, it's important to remember that they're not going to actually read any explanations you attach to anything you send them. What they will do is look over the attachments, make their own determination as to what happened, and go tearing off in a random direction, convinced of the righteousness of their crusade.

So how do you notify them of the phisher without being bitten yourself? Complain about phishing emails coming from the address in question. Don't mention a website. Certainly don't mention your own server. Is this dishonest? Yes, technically. But if you're competent and you know they're not (or at the very least suspect they're not) it's more a case of tailoring the information to suit the audience. You don't explain moral values and arguments to a guard dog, you simply point at the intruder and tell the dog to "sic 'em!".

There are other US industries to be wary of, with regards to IT: insurance, legal offices, professional medical offices (hospitals, doctors, dentists, chiropractors, etc). The smaller offices tend not to know what's going on, the larger ones tend to push everything off on an IT department that's entirely too small for its own good (and may be staffed with less than the best), and they all tend to make demands that don't coincide with consensual reality.

Why is it like ths? From what I've seen it's a matter of not having IT people, or letting someone who doesn't understand what's needed do the hiring. They end up with a lot of paper tigers, or worse. I remember one insurance office that had hired an agent's neighbor - a 13 year old self-proclaimed 'firewall expert'. It took me two weeks and nearly $1000 of their money to sort out the mistakes he'd made (and find/remove all the snoopers he'd left behind).

In a nutshell, try not to use big words when dealing with US banks, and only give them the information they need to point them in the right direction. While your mileage may vary, it's a good practice, because it will protect you.

I'm sorry, but I don't have any advice on how to recover your losses with regards to the actions the bank took.

Re:US Banks (-1, Troll)

rylin (688457) | more than 9 years ago | (#13028029)

Dear SlackBastardNetworks,
in Our bank [citibank.com] [goat.cx] - "Citibank" - we pride ourselves on the fact that we only hire people with a SlashDot [slashdot.org] [fark.com] UserID less than 100000.
We meticulously screen our employees from time to time, to make sure we do not have employees that are a liability.

In fact, I feel so strongly about our bank that I'll give you a 8% monthly interest on your savings account, if you just Sign up [citibank.com] [gnaa.us] for a new account.

Kind regards,
Citibank.

Re:US Banks (1)

identity0 (77976) | more than 9 years ago | (#13028574)

Ooh! Ooh! I'm looking for a job! Where do I apply, and do I have to be as... flexible... as your mascot?

Re:US Banks (2, Informative)

clambake (37702) | more than 9 years ago | (#13030180)

and the people working there tend to be below par by Slashdot standards

Worked at a company that dealt with banks a couple of years ag, and I have to agree. MORE THAN ONE of them used the name of the bank backwards a the passwords to thier vpns... seriously people, BANKS!

Re:US Banks (1)

WebCrapper (667046) | more than 9 years ago | (#13032138)

Back before identity theft got popular, I was starting a business and stumbled across an incorp site that was obviously made out of FrontPage... Since I worked with FP at the time, I knew that it could empower the idiot masses, so I viewed the code. Low and behold, it was storing the form to the site. This form had everything you needed to take over someones life - Their name, business name, 2 addresses, CC info, shareholder info with their SSN's, cc info - everything.

I emailed the site owner and even gave my phone number so they could call if they wanted to - stupid me... The lawyer called his local police, said that I broke into his website and was stealing his business (not the idents mind you) and he had my phone number and he wanted to press charges.

Luckily, my local, somewhat competent, police dept got a faxed copy of the email and just called me up and told me what he was attempting to do. They politely told me that they'd take care of it, but don't contact the guy again.

Re:US Banks (1)

tod_miller (792541) | more than 9 years ago | (#13031120)

i wok at bank weth fiv otur giys wee al expirts!!1!

I find so many phishing sites still up a week after the email timestamp, when I finally check my phishy-email folder.

I email the url, and email to the site contacts, ISP, lots of other info. I am thinking of making a firefox plugin called ' report phish ' which will email from a whois lookup, the nameserver admin, the webserver admin, the hosting guys, any personal email found on that root site, also the reply to address or any valid address in the site, any company that is being scammed (paypal) PLUS the TLD owner countries ecrime police, plus the registered companies tld ecrime police.

If I install a vanilla windows 2003 web edition server, and someone hacks it, and puts up a phishing scam, is it Microsofts fault for installing a trjoan OS, no matter of intent as read, or do they cover themselves by saying this product is not designed to be connected to a public network?

It is sure as hell advertised as such, and I think them not having liability (or any other server manuf.) is like a car company making cars with failing brakes, and saying these cars are not meant to be driven in the small print.

Or is it my fault for being stupid enough to think I can run a web host out of the box?

Interestingly, as everyone gets a 10mbit connection, surely hosting companies are screwed? Artificially stopping people hosting their own websites is like telcos stopping VoIP.

Re:US Banks (0)

Anonymous Coward | more than 9 years ago | (#13031560)

Complain about phishing emails coming from the address in question. Don't mention a website. Certainly don't mention your own server.

Light, don't do it that way! Suppose the bank (or a government) had noticed your site in the handful of hours it was actually someone else's phishing site; you wouldn't have any proof that it wasn't you that put the thing up.

Get in touch with an FBI agent via email or phone, but don't send him your evidence yet. Say exactly what your logs say: that at time X, someone hacked your site with exploit Y and set up a phishing site for bank Z, and that you still have all these logs. Ask him if he wants the logs. The important point is to create a dialog. You want a question/response type conversation going on, so that you know you're not just dumping messages into a black hole. That's step one.

Step two is to announce (preferably here, so that we know) the name of the bank. This bank shut down your website. There are two main possible reasons the bank moved against you. First, the IT guys are very retarded and don't have the reading comprehension to have known that the phishing site was already down. In that case, they probably followed some standard operating procedure for shutting down phishing sites. The second reason is that the bank lawyers outlined a standard operating procedure for dealing with phishing sites, and the IT guys were forced to follow it. In either case, the SOP probably involves reporting the case to the FBI. You may already have a case file open against you.

As far as getting renumeration from the bank, I'd say you have a decent case. The bank basically took shutdown actions against a random website, as there was no phishing site at the location they wanted shut down.

Next to lastly, all of this advice should be considered wrong if your website is something along the lines of www.citybank.com or www.bankamerica.com. Lastly, it's important to tell us the name of the bank involved and what URL you're using so that we can judge for ourselves whether or not to do business with that bank.

Report to someone who can do something about it. (1)

3.2.3 (541843) | more than 9 years ago | (#13028000)

I don't know about your state, but I reported a phisher to my state bureau of investigation, because the phisher was targetting a state employee credit union, and the sbi pursued it.

I think your only liability is not to report it. Just report it to law enforcement instead.

If someone intentionally interferes with your business, yes, you should sue the fuck out of them. Especially if they have the ability to pay, like a bank.

However, I'm puzzled by this vulnerability you patched to prevent phishing. I, too, don't think you know what it means.

Re:Report to someone who can do something about it (2, Informative)

swimin (828756) | more than 9 years ago | (#13028035)

I think the Original Post meant that his website had been taken over as part of a phishing scam, and he patched the vulnerability that allowed the takeover.

Re:Report to someone who can do something about it (3, Insightful)

Questy (209818) | more than 9 years ago | (#13028045)

Better yet...

Do the one thing the bank will do nearly anything to prevent... Publicize it far and wide. Let everyone know the bank, their name, and the cities affected wherein people whose information was compromised live. Once their customer base is all over their phone lines demanding information that only you can provide.

Of course, unless you signed an NDA in which case...ignore me. :)

Re:Report to someone who can do something about it (3, Funny)

Karma Farmer (595141) | more than 9 years ago | (#13028070)

Great idea. That will prove that his intentions were honorable, and the bank's actions were misguided.

Re:Report to someone who can do something about it (1)

secolactico (519805) | more than 9 years ago | (#13028939)

Great idea. That way you'll only be inconvenienced by a libel/slander lawsuit if the bank is so inclined. Even if it has no grounds, you'll still have to spend time/money until it's thrown out of the court.

you'll still have to spend time/money ... (1)

da5idnetlimit.com (410908) | more than 9 years ago | (#13031603)

And you just happen to have access to a few hundred online bank accounts...

Re:Report to someone who can do something about it (1)

fuzzybunny (112938) | more than 9 years ago | (#13032193)

That way you'll only be inconvenienced by a libel/slander lawsuit if the bank is so inclined

From TFA (or TF Post, or whatever):
"(the bank is a US bank, I am not a US citizen)"

Last thing I checked, US civil judgments still weren't enforceable abroad. Slander away, Mr. Sulu...

Re:Report to someone who can do something about it (1)

passthecrackpipe (598773) | more than 9 years ago | (#13028553)

This is so correct - a bank is not interested in seeing the law served, it is interested in seeing their business served. Those two are rarely the same. Probably some lame misguided attempt to just make the whole thing "go away"

Perraps your actions had nothing to do with it ... (4, Interesting)

dougmc (70836) | more than 9 years ago | (#13028025)

To be helpful, I packed the whole folder, relevant logs, etc, and sent them - accompanied by a letter explaining what happened - to the fraud reporting email address of the bank that was the target of the attempt. That's what we all would do, right?
What seems quite likely is that these actions really had nothing to do with it.

When I get a phishing attempt, I generally report them to the institution being impersonated, especially if it's more convincing than normal. I imagine that some other people do the same. It's entirely possible that other users reported `your' phishing site, and the bank was already in the process of getting it shut down when they received your email.

... if they ever received your email. Lots of places don't really read their abuse@ addresses, or filter it so heavily that most everything gets filtered.

And if they did get your email, and it was received by the right people, they probably don't care. Your site cost them money, even if you claim that you weren't directly responsible, and they'll do what they can to stop it from happening again.

Ultimately, the right answer is to keep your system secured enough so this doesn't happen. Your email after the fact was the Right Thing [tm] to do, at least morally, but I'll bet if you had checked with your attorney, he'd have suggested not sending it at all. as it could be used as evidence if the bank decided to sue you.

It's not right, but it's the way things are ... being a Good Guy [tm] just doesn't pay anymore.

name of institution, please (0)

Anonymous Coward | more than 9 years ago | (#13028315)

Dude, don't expect anything to change if you don't post the name of the bank, the name of the ISP that bent over for them, and details such as the names of any individuals you talked to.

Hell, I could be doing business with these guys right now, and you are not even going to warn me ?

NAME NAMES! (3, Insightful)

Anonymous Coward | more than 9 years ago | (#13028531)

When you have a story like this, backed up with documented facts (I hope), and you go to the "press" (slashdot is the "press", sad but true), you need to state the names of all companies involved.

I need to know your company's name, so I avoid your insecure web servers.

I need to know the bank's name, so I can avoid ever reporting anything to them.

And I need to know your ISP's name so I can double-check any contracts I might have with them.

What's the point of posting this when we have no idea who it is, or even if you made it up or not?

Re:NAME NAMES! (1, Insightful)

wik (10258) | more than 9 years ago | (#13030374)

Ironically, you posted this request as an anonymous coward.

Name yourself so I can avoid you!

Re:NAME NAMES! (1)

timmyf2371 (586051) | more than 9 years ago | (#13053479)

Yes Slashdot is "the press", however it's an Ask Slashdot and not really an article that's been posted as "news" so the information is incidental to it's main task.

I'll concede that knowing the bank involved and other details about this incident would be nice to have, but as an Ask Slashdot the information isn't "needed".

Reimbursed? (0)

Anonymous Coward | more than 9 years ago | (#13028877)

You're the one that apparently left the server with a known vulnerability and didn't patch it until it was attacked. Why would should anybody reimburse you for that?

Are you sure of cause and effect? (2, Insightful)

Monte (48723) | more than 9 years ago | (#13029417)

Are you sure that -

1) It was the bank that had you disconnected (it might have been a phishing victim doing the complaining to someone else,

2) It was because you notified them that they had you disconnected (they might have already gotten phishing complains and had the disconnect in the works while you were still gathering the evidence)

I'd like to hear the bank's side of the story.

I know, in /.-think that makes me weird, because we all know it's Yet Another Example of Evil Businesses Keeping the Man Down.

Let me FUCKING guess (1)

Profane MuthaFucka (574406) | more than 9 years ago | (#13029914)

Was it Fleet Bank? I hate them so much.

Their collection department used to call me up looking for their delinquent customer. The phone line was new to me, but apparently the number used to be owned by a real deadbeat.

When I explained the situation about the phone line, they told me that they were putting all my excuses into my record. Heh. Finally, I told them that they were fucking idiots, and hung up.

Next day they called back and asked why 1) I haven't paid them their money, and 2) why I was so rude to them on the phone yesterday.

I responded by telling them that I pay for the phone line and I'll fucking swear on it if I want to, and BY THE WAY, can you transfer me to the people who can cancel my credit card issued to fleet bank.

By the end of it, you had better fucking believe that Fleet Bank knew that I wasn't the person they were looking for, and my actual record there does indeed note that I like to swear at stupid people.

The best thing is that they've called me back several times trying to interest me in various financial services. Each time, I ask to speak to a manager, and they get the full story of what fucking idiots they are, and how I'd rather eat my own poop rather than do business with them.

I also have told at least 30 people in person about what asses Fleet Bank are, and many more through Internet postings like this one.

It's a true story, and truth is an affirmative defense against both libel and slander, so fuck 'em.

Re:Let me FUCKING guess (1)

sweetooth (21075) | more than 9 years ago | (#13030028)

Well, the funny thing is Fleet barely exists as a bank any more, they are in the process of being absorbed by Bank of America.

http://www.fleet.com/bankofamerica/ [fleet.com]

Re:Let me FUCKING guess (1)

Profane MuthaFucka (574406) | more than 9 years ago | (#13030406)

The sweetest thing in the world is to outlive all your enemies.

Re:Let me FUCKING guess (1)

WebCrapper (667046) | more than 9 years ago | (#13031129)

Sadly, I completely understand...

I was flagged in Verizons customer database. Flag stated that I was rude, cursed a lot and actually knew what I was talking about... Aparently the new supervisor I chewed up and spit out after a week long DSL outage didn't like me.

Oddly enough, I found this out when I worked for them as a contractor a year after I closed my account - they keep their customer records for far too long.

I'd rather eat my own poop rather than do business with them. - thanks for the laugh...

Be glad your NOT an Amerikan!! (0)

Anonymous Coward | more than 9 years ago | (#13029943)


Because then you'd be haressed and possibly brought up on charges that you conspired in haveing your own equipment hacked because of your *lack* of secure software!!

What happened to you should be proof enough that this is not outa the question with amerikan *authorities* and their simplton thinking.

I'm sure your not laffing tho, as these type of things are becoming the norm in this hell whole of a country.

:(

Bank's view: you are the problem (1)

thechuckbenz (526254) | more than 9 years ago | (#13030268)

It's easy to understand the bank's actions if you pretend you are a bank President.

You've shown that your system can be used to hurt his bank, so he will try to prevent that from happening ever again. The FBI will arrive shortly to impose a Mitnick order (that you must never use a computer ever again).

(What kind of world did you think you lived in, anyways?)

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>