I used to think that the phrase “cold sweat” was just a hackneyed expression, a handy phrase for lazy writers—like “biting rain” or “bitter cold.” But I was wrong, as I discovered yesterday when I sat at my desk, reading a forwarded e-mail from someone named Anna Miller who was pitching ad space for an expensive, high-profile online marketing campaign.
The cold sweat didn’t start until I read the signature at the bottom:
Anna Miller
Purchasing Agent
Fitzgerald Communications
450 S. Main Street
Ann Arbor, Michigan
That’s when the icy sweat began to collect under my arms, on my forehead, along my thighs.
I read the signature block again. And again. And again. Thinking I must be caught in some old Twilight Zone episode.
Here was someone I’d never heard of. Using my company name. My company address. Even my web site, with one slight difference: the domain was .net instead of .com.
I clicked on it. Yup. It was my company web site alright. Hijacked.
The cold sweat began to accumulate. I found myself trembling slightly.
Then I got to work. Called the phone number below Anna’s name. Got a busy signal. Looked it up online. Found that it was unpublished but belonged to a land line in Ann Arbor. I tracked down the owner of the domain—a man, giving a false name no doubt, in Atlanta. I looked up the server and learned it was located in the U.K.
Finally, still sweating, I called my web developer. He was slightly perplexed at the level of personalization in the scam but obviously fascinated. Within half an hour, he had tracked down the host location. Russia. Which explained those long visits from Ukraine I’d been seeing on my Google Analytics page. Next, he helped me lodge a formal complaint with the UK server and devised a code that would “break the frame” or as he explained it, automatically reroute visitors from the illegal web site. Fifteen minutes more and he had posted an alert on every page of my web site:
SCAM ALERT:
If you have received a recent e-mail using Fitzgerald Communications’ name and address, and inviting you to participate in an online marketing campaign, be advised that it is a scam. The web site address appearing on these e-mails is: fitzgeraldcommunications.net. To date, we have determined that this domain originates in China and is hosted in Russia.
We are pursuing measures to have the illegal web site taken down immediately. In the meantime, we apologize for any inconvenience.
It was early afternoon before the cold sweat finally and completely disappeared. And yet in a way it still lingers, in the form of a vague paranoia and a nervous aversion to Firefox and Safari.
In a weird way, I suppose I should be grateful for this rough Russian education.
All is not well in cyberspace. Life is not sweet and good and beneficent on the worldwide web. Universal access to information is not for free. It can cost you your identity, your reputation. Or at the very least, your time, energy and money as you work to remediate the damage.
I hope you all manage to avoid the kind of cyber-mugging I experienced yesterday. To borrow yet another hackneyed phrase (this one from my old high school theater teacher), “forewarned is forearmed.”
Nostrovia!