You have to know by now that people have done some stupid things over the course of history, but what this experiment just proved, is that in this day and age of technology and modern marvels, our stupidity has not diminished. If anything, as I believe you will agree with me on this one after what I tell you about the results of the expirement, stupidity has only become a more commonplace thing. "What have people done that makes this guy think humans are so stupid?" you may ask. Well, I'll tell you..
First off, you have to understand exactly where this is coming from. There is a whole sub-Culture of hackers and wannabe hackers on the internet. The latter tend to be quite desperate to get in good with the hackers so they can get the cool illegal ID's to show off and maybe learn from the real hackers. I personally, do not hack, and really have no real desire to at the moment. But those illegal ID' do look pretty cool.. Plus some of these people were most likely just mad at someone else and wanted to teach them a lesson, but regardless of the motives, they were all stupid. Either way, myself and a friend of mine ran an expirement to see who was desperate and gullible enough to give up their own ID's and passwords for the chance to use cracking software. Here is how it was pulled off:
- A website was mocked up to look as if it had hacking software embedded within, even though its only purpose was to send the user's ID and password, should they so desire to fill in that area, via E-Mail to an undesclosed address. The site was so convincing, in fact, that Yahoo itself closed it down for "Distribution of Hacking Software and Viruses." An example of what it looked like can be found Here. Note the points used to make it seem as close to a real dubious website as possible, adding to the image.
- Once you enter the site, you can notice the title at the top of your window stating "Yahoo! Crackwarez"
- The Black background gives it an air of secrecy. It wouldn't work so well if the background had pink flowers on it, of course.
- The Disclaimer - Complete with bad grammer and semi-truths in it. It makes the webmaster sound as if he doesn't want to get in trouble for what you do with this.
- The instructions next to the disclaimer on how to use are so simple even those who fall for it can understand. Even though it never explains exactly how you will recieve your target's password, you can at least know that it will take a few minutes on a 56k modem.
- Very simple text forms, with the ID ones providing the exact maximum amount of characters aloud in a Yahoo! ID, and the password field set to enter in in asterisks, giving a feeling of security that is utterly false.
- And finally a small bit at the end declaring the software to be copyrighted. Just an extra bit still adding to the image.
- Once the user submits this info an e-Mail is sent with their info, and they never get the password they want. Some people must have realized then what was wrong while others just kept sending and sending, never catching on to what had just happened.
- "What about those who knew already and just sent you fake messages?" is a good question. While these people may believe themselves to be clever, and while they did prove to be very creative and amusing, they were fooled nonetheless. For anyone who has ever operated forms on Geocities knows that it always gives you the sender's IP address. Real hackers would be on them in a moment, should they so desire. Be glad I don't hack, those of you who fell for it.
- People found out about this site through some simple chat room advertising.. talk about knowing your target audience..
So there it is. In the course of about 2 days the site and another like it recieved a grand total of about 90 E-Mails with about 60% of them disclosing real ID's and passwords. This leaves one question remaining. WHY would people be so stupid?
While I can't fully answer that question with 100% certainty, one could guess at some of the factors. Prepare for another list.
- People are plain stupid - A pretty mean thing to say, but in some cases it is true, unfortunately.
- We tricked them - While I would love to say I am that good at fooling people into doing what I want them to, that would be a lie. While some were probably tricked, but nobody ever made them do it. Here is where I will apologize for being so mean, however. But it had to be done, and now this will serve as a warning for anyone who may be fooled into such things. People do learn from their mistakes, and while I did not take any of the ID's, I suggest those of you who fell for it to change your password and look at info you see on the internet with a renewed cautiousness from now on.
- Greed got the better of them - Envy over someone else's ID could hive blinded them to the obvious descrepencies in the website.
- Anger - Those who undoubtedly came to hack someone's ID because they were mad at them probably fell under a similar haze of deception.
- Pure Ignorance - If they don't know any better, who is to blame someone for trying?
Go Back to the Main Page or go Back to the top of the page.
© 2001 Sean Duffy. All opinions expressed on this page are purely that of the owner. Sean is not a hacker, and didn't do anything all that mean, so don't get too mad at him. He does not know why he is talking in the third person right now. He is kinda hungry right now too. Yahoo! and Yahoo! Geocities are registered trademarks of Yahoo! Inc. Any typo's he made on this page are his own fault, because he does not have a spell-checker on the program he coded this with.