Phishing for gudgeon

This past weekend I got a call from an older woman, about my mother’s age, regarding a question about something she “may have done to her computer.”  She explained the whole story about how she was going to check out the weather online and typed ‘weather’ into the search bar.  The first site that came up was not the standard weather site she had looked at the day before, it asked her for her mobile phone number, and then a password, which she gladly filled in.  Somewhat coming to the realization of what she’d just done, she found the cancellation link for her subscription to the weather text messaging service.  Shortly after this little mishap, I got the call.  I just told her to call her cell phone company and make sure the ‘service’ was actually canceled and that she had it on record that it was, just in case.

This incident, as well as the fact that I’ve been getting hundreds of “buy our stuff this Christmas” spam emails from legitimately signed-up-to companies, makes me rethink putting anything into text boxes and and hitting submit.  Any time your email goes into a form, that company could be collecting it and worse, selling it.  You have to read the fine print, and who wants to do that? You just want information.  I know that many of our sites we have created capture search terms, so we have a record of what is and is not being searched (after having to sift through the thousands of spam bot URL ‘searches’).  If there’s a form, they’ll try to send you links to some seedy business.  But where do we draw the line as a business? The reason we provide information on the Internet is to get some sort of marketing for ourselves or our clients.  There’s a fine line between using and abusing.