Email Horror Stories: Messaging Scares From 2010, Just In Time For Halloween

Happy Halloweeeeemail… *ahem*. Yep, just in time for Halloween 2010, it’s time for a list of some of the year’s scariest email stories thus far.

Since email plays a role in so many high-profile news stories these days, it’s always hard to choose just the top ten.

Since there are always so many to choose from, I like to get a selection of email blunders and security threats that you’ve probably seen before, as well as a few that might have escaped your attention.

So, without further introduction, here are some of the “spookiest” email stories of the year:

1. eDiscovery nightmare: Investment firm fined for not saving emails
Brokerage firm Piper Jaffray & Co. was fined $700,000 by FINRA for alleged “shoddy email practices.” The law firm apparently failed to save over 4 million emails between 2002 and 2008. The firm attributed the failure to disclose “intermittent trouble with email retention and retrieval during the relevant period.”

2. Rise of the zombies: Millions of PCs hijacked, Stuxnet botnet targets real-world infrastructure
Microsoft researchers revealed that millions of computers worldwide (more than 2 million of them in the US) had been compromised and made part of botnets in just the first 6 months of the year. In October, Microsoft issued its largest ever list of fixes for flaws in Windows, Internet Explorer and a range of other software. This included a security patch to plug a hole exploited by Stuxnet, the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units.

3. Indecent exposure: Aussie banker (almost) gets fired for televised email blunder
No place is safe, not even your desk. A banker at Macquarie Private Wealth in Sydney opened not-safe-for-work photos of a model, unaware a colleague behind him was doing a live television interview about the Australian economy.

4. Creepy overshare: Security Breach at Shell Reveals Personal Employee Information
The situation is particularly difficult for the infamous oil corporation—the database of names and personal contact details of 170,000 employees had been e-mailed to several non-governmental organizations, including Greenpeace, Friends of Earth and Shell Guilty.

5. Giant worm attacks: ‘Here You Have’ marks return of old school threats
A mass-mailing worm masked as a PDF marked the return of an old spam tactic by spreading via infected computers and email address books. To make matters worse, it also had an Autorun feature that spread the worm via remote machines, mapped network drives, and removable media. Companies across North America were widely affected by the worm.

6. Style Weekly reporter gets the axe
A reporter at Style Weekly thought he was sending an email to his editor on Wednesday, in which he called a blind motivational speaker a “blind [expletive].” However, it turns out the reporter sent the note to the blind man’s PR person. This is a good reminder to always check the to:, cc:, and bcc: fields… and don’t put anything in email that you wouldn’t want the whole world to see.

7. Credit card chaos: Retailer’s email confirmations expose private financial information
After a probe by PC Pro Magazine, it was discovered that UK retailer Argos was sending out the credit card numbers of their online customers in emails confirming purchases. What’s worse, the emails also included a link that contains the recipient’s name, address and credit card details, which could be stored in the browser’s history unbeknownst to the customer.

8. You’ve been accepted… for a discounted laptop!
UCAS, the UK organization responsible for managing applications for higher education courses, sent a misleading email to students anxiously waiting for their A-level results, with the subject line, “you have been accepted.” Unfortunately, it was not university they were accepted to, but rather a discounted HP laptop.

9. Silence of the spams: Producer almost loses tickets to the Oscars
In an overzealous moment, a film producer spammed Academy of Motion Picture Arts and Sciences members with a message that practically begged voting members to support his film over its Best Picture competition. Unfortunately, the Academy explicitly bans directly campaigning to voters, and the producer had to immediately send an apology email in order to attend the award ceremony.

10. Prime suspect: Data loss affects nearly one-third of enterprises, email the main culprit
Research on outbound email and data loss risks showed that enterprises continue to suffer from data loss at a shocking rate. The most common source of exposures of confidential or proprietary information remained email, with 35% of large companies investigating an email-based breach in the previous 12 months. Lost and stolen mobile devices and social media channels were also exposed as serious sources of risk.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Keith Crosley directs corporate communications for Proofpoint. Keith’s job entails the promotion of Proofpoint e-mail security solutions to press, analysts and the enterprise e-mail security market at large. His blog covers a wide variety of e-mail security topics including anti-spam, phishing, identity theft, data breaches and the policy, culture and technology issues that surround e-mail. Previous positions have included director, corporate communications at Elance, senior director, worldwide public relations at BroadVision and director of marketing at As a key spokesperson for Proofpoint and e-mail security evangelist/researcher, he takes part in television and radio appearances. Avocationally and semi-professionally, he is a filmmaker, musician and all-round multimedia enthusiast.