This all happenned because she was desperate for a hot man. All the prospective hot men in management will be queueing up for her next assignment.

Phishing - it's not exactly rocket science, is it?

You're assuming gullible and hot. What if she's gullible and not?

Stupid nasa

This is NASA. They could just access a mil sat, reprogram a predator drone, Next thing you know , some lad in Laos is lite up like a X-mas tree.

If only us "regular Americans" had the same support when we get our personal information compromised...

but I've never been caught out, did a little digging of my own when I 'apparently' won an Irish lottery - never having been to Ireland, but even with my non existent resources, I found a name - connected to various email scams, an address based here in the UK, but unfortunately couldn't find anyone interested in pursuing the matter further.

Another scam, some stock market thing, I came across led to a telecommunications company in Spain, but again, nothing I could do with the information.

A Nigerian prince did email me, but I just deleted it.

Perhaps I should send the info to NASA, they seem to give an fsck, unlike the British government.

Go chasing him down whilst wearing a diaper?

As long as the users are human, they will click on attachments, follow links, and do anything else that might satisfy their curiosity - however much they're told not to. It's the sysadmins job to make sure that no damage results; it's the sysadmins' manager's job to make sure that they are getting this done.

They actually nabbed a 419 Lad. Now how about they do that for the thousands more who are still stealing money from people every day?

UF had the bright idea almost a decade back:

http://ars.userfriendly.org/cartoons/?id=19990223

Back in December 2006, the US DOD started to block all HTML-encoded mail messages, inbound as well as outbound. HTML-encoded mail messages serve three purposes: distribution of spam, installation of malware, phishing. Plain text messages without any encoding work fine for everything else. How long is it going to take for NASA and DOE to figure that out? It really pisses me off that at DOE research labs we virtually lost our Internet and (!) local network because of "security" (a topic in itself), while at the same time the most basic measures are not being implemented.

They used at least four investigatory agencies over two continents to catch a simple phishing scam and all because it was a NASA employee and a gov' issued computer ( no mention of wether there was any sensative info on it).

If they can expend that kind of budget on one case, why can the authorities at least look at some of the big money scams that are pulled on joe pub'ic?

Is it because they don't need to be answerable to the great unwashed that pay their wages?

Skull & crossbones 'cuse there is no red flag. Come the revolution etc.!!!!

Indeed, the article (mis-)reads "The success this international team had in identifying the culprit is impressive. But it's important to note that this breach never would have happened without the cooperation of one very gullible (and likely delinquent) NASA employee."

No, actually, it's important to note that this SUCCESS would never have happened without a NASA employee involved. Come on.

Guy I know in the money business in the UK has a sign on his door: "No Nigerians!"

He means it, too.

Post this same sign in the USA and we'd get sued for discrimination in a Lagos heartbeat.

Tell 'em they better behave or we'll bring them democracy . . .

No news in that.

And the sentence would have been a lot less than 18 months, if the crime had been committed by a criminal in the USA and he'd invaded 10,000 computers.

It is time we hardened our laws against the criminals who threaten us most, the criminals who live here.

What do rocket scientists say when they want to say something's not hard?

Hey, it's not... like we're trying to talk to women.

....we have a spam problem!

"This is NASA. They could just access a mil sat, reprogram a predator drone, Next thing you know , some lad in Laos is lite up like a X-mas tree."

Thats American geography for you. Some kid in Asia get bombed, while the perp in Lagos still sends 419 emails.

Nothing in the article mentioned a 419 scam, why is everyone assuming that because they are Nigerian, it was a 419? This was something completely different.

Fired!

Fired?

Like "In a rocket"? Go on, it's a belter, that one! "Fired"? See?

Fired....

It's OK, I came out without one today...

Spot on....

The girl was conned by someone she thought she'd established some sort of trust relationship with. Not the same as clicking on a link from someone you've never heard of.

The security business has to accept that the end user will always do something that appears to us to be mindblowingly dim.

Our job is damage limitation...... live with it.

They managed to find and try this scammer? Great. Now, can they find Bin Laden and end the Tax Drain?

See, it's like this... '419', 'Nigerian', 'fraudster', 'scam', 'con', phishing', etc, etc.

All interchangeable terms. '419' is just a generic term for Nigeria's main industry - not to mention that of the ex-pat Nigerians in other countries - AND the wannabes of all races all over the world.

Plus, '419' has the merit of being short and pretty well understood...

Might interest all to know that, back before the interweb was 'invented', I had an interesting business relationship with some Nigerians in London. Their 'business' consisted of - what a surprise - credit/bank card and cheque fraud. From the proceeds of which they lived an amazingly affluent lifestyle. It's a long standing tradition.

Do you possibly mean Lagos? Laos is a bit far from Nigeria, being in Southeast Asia nexy. Though as this is the Americans we're talking about, Laos is probably within the "acceptable margin of error" for a strike on Lagos.

No pedant alert icon but I guess the lab coat will do.

When I received my first 419 email it came from within the European Union (from a big-name Internet cafe in Holland.) I printed it out and took it to the Police station thinking that if the person was in Europe I might be able to spoil his day. The Policeman I spoke to was very pleasant but said he couldn't do anything because under UK law no crime had been committed as I hadn't actually sent this person any money and got defrauded.

This is really cool... I can attempt to commit fraud as often as I like and the Police can't/won't touch me for it. I only have to be careful when I actually do steal the money.

I sent the email with headers to the administrator of the Internet cafe and received a response. The response was that it wasn't his problem what people were doing in his cafe.

Next I though "what the heck" and tried to report the matter to the Dutch Police. Their website contained no useful contact details.

I went to more trouble than most people would, just for the fun of it and got nowhere. Is it any wonder this kind of scam is flourishing?

...is not for "Security".

The "S" in NASA stands for 'stupidity'.

Stupid twat should be fired immediately.

Government agencies NEED to have strict policies about using government computers for personal use. Many corporations do.

Can't get 419 e-mail from Europe. 419 is an article in Nigerian Criminal Code.

The user clicked on a link, which resulted in a program being INSTALLED?

Don't they know how to lock down PCs there?

Or, what about their anti-virus software?

NASA = Naive Amateurs Stumbles Around?

Paris because... well... Even she can't be that dumb, can she?