Jump to content



Photo
security phishing privacy

  • Please log in to reply
2 replies to this topic

#1 Pallab

Pallab

    Neowinian

  • 1,419 posts
  • Joined: 11-August 04
  • Location: India

Posted 01 May 2013 - 15:06



Posted ImagePrivacy and internet aren’t exactly best friends. In fact, it might well be better to assume that as long as you are on the web, you will suffer from an unexpected privacy breach sooner or later – whether it is due to your own naiveté or due to third party security mishaps. However, that doesn’t make irresponsible, careless, and purposeful data leaks any less aggravating. Today’s offender is CLAT or Common Law Admission Test.

CLAT is a fiercely competitive centralized test for admission to prominent National Law Universities in India. Last month, CLAT closed its application procedure. Soon after, in an amazingly dumb headed move, it mailed all applicants a PDF titled “3. Online Applications (UG) Submitted till 30th March 2013”. Here’s a look at its content.

Posted Image

Yes, someone in CLAT thought that it was perfectly appropriate to dispatch the full list of more than eighteen thousand candidates along with their email ids in a PDF. Now I understand that CLAT probably has more lawyers than technically minded folks, but it’s shocking that no one in its technical team acted to stop this amazingly boneheaded move. For good measure, CLAT also uploaded this document to its website (where it is still available).

Now, an email address isn’t very high on the list of sensitive information. However, in the wrong hands it can be misused. And, misused it was. Over the past few weeks, candidates listed in the document have been receiving mails appearing to be from helpdeck@clat.ac.in, claiming to be sent by Dr. Dipak Das, Registrar In-Charge of Hidayatullah National Law University, Raipur and the Convenor of CLAT-2013. The mails ask the Candidates to immediately deposit Rs. 2000, in order to avoid cancellation of their application due to non-payment of fees. Considering the state of the candidates mind, and the relevance of the message, it’s not surprising that many have fallen victim to the phishing scam. Thankfully, the scammer in this particular case was naïve enough to demand a money transfer to an SBI (State Bank of India) account, which should be easily traceable. CLAT might not have a lot of technical expertise or common sense. However, one thing it does have is access to plenty of lawyers. Unsurprisingly, CLAT-2013/Hidayatullah National Law University, Raipur, is taking necessary legal steps.



Source


#2 CJ33

CJ33

    Neowinian

  • 550 posts
  • Joined: 03-February 03

Posted 01 May 2013 - 15:12

This is totally offtopic, but I think Its just amazing how many names are on that list there starting with two aa's.

I'm indian myself, and I know many of these names are transliterations, but still find it intriguing.

#3 javagreen

javagreen

    Neowinian

  • 1,439 posts
  • Joined: 16-July 04

Posted 01 May 2013 - 15:15

Then again, it's dated April 1st.

April Fools? :shifty:



Click here to login or here to register to remove this ad, it's free!