Announcement

Collapse
No announcement yet.

Ah, yes, the old 'CEO needs his password reset' issue.

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ah, yes, the old 'CEO needs his password reset' issue.

    Thanks to our .vic.gov.au overlords, we have a public holiday today, to celebrate a few dozen guys getting a parade through the capital in preparation for some sort of sporting event tomorrow.

    Like most people with a fundamental lack of interest in such things, I happily accepted the day off and invited some friends around for a barbie. As those with a sporting-bent were keen to be elsewhere (I would have thought watching a bunch of guys being driven past at walking pace even more boring than watching said guys run around and fight for the right to molest a pigskin, but what do I know?) it was a bunch of techies who turned up.

    The conversation, as it does when the group is exclusively tech-oriented, turned to the idiocy of non-techies whose lamentations are the bane of our existence. We offered each other commiserations and potential solutions in equal measure, with no more than three-quarters of the later being outright illegal.

    One chap claimed to have solved the problem of upper-management demanding that policies (documents that they personally signed off) be discarded on a whim for their convenience. As a group, we expressed quite some skepticism at this claim, but his tale seemed quite plausible. I am looking forward to trying it out next time I find myself in his position.

    The call was depressingly predictable at first. The CEO had forgotten his password and his PA was sick and thus, wasn't around to type it in for him. The minion on the front lines bore the brunt of Chief-Executive anger by attempting to appeal to the policy handbook, pointing out that the password reset procedure was not particularly onerous to follow. Predictably, this was to no avail.

    In the time it took for the CEO to argue with the poor grunt, his password could have been reset a dozen times over. But pride was at stake now, and so up the management chain the call went, landing at my friend's feet.

    As usual, when confronting someone who has few superiors in an organisation and insists that he is in a hurry, he took a distressingly long time to explain exactly who he was, and how important it was that he have his password reset immediately.

    "Yes, of course you are the CEO," said my friend as soon as he could get a word in, his tone dripping sarcasm. "You know, this is the 4th time this month."

    "WHAT?!" exploded the CEO.

    "This is the fourth time someone has called to get your password reset this month," my friend lied.

    There was a second or two of blessed silence before the CEO repeated himself in a somewhat less vocal fashion. "What?"

    "I will tell you what I told the other three scammers. We follow our security policy to protect all our users from having their credentials used in a way that opens them up to liability. If you are indeed the CEO, please follow the password reset procedure." <click>

    Apparently, when a CEO is presented with the idea that his password was all that stood between him and (gasp) *liability*, he quickly becomes a fan of the security policy. A few days later, my friend received an email from his boss saying that the CEO was pleased with how well his team followed the policy handbook, but that his phone manner could use some work.

  • #2
    That. Is. Brilliant.

    Comment


    • #3
      ****** Slow hand clap *********
      I'm lost without a paddle and headed up SH*T creek.
      -- Life Sucks Then You Die.


      "I'll believe corp. are people when Texas executes one."

      Comment


      • #4
        I'm in awe. Those are some serious cojones.
        Fool me once, shame on you. Fool me twice, you speak with the Fraud department. -- CrazedClerkthe2nd
        OW! Rolled my eyes too hard, saw my brain. -- Seanette
        she seems to top me in crazy, and I'm enough crazy for my family. -- Cooper
        Yes, I am evil. What's your point? -- Jester

        Comment


        • #5
          And this is why IT policy is "you get my passwords when you can pry them from my cold, dead fingers and good luck with that because if I die, you're coming with me". Too many people with the idea that they should have access to stuff they don't need means a VERY easy breach point.
          I AM the evil bastard!
          A+ Certified IT Technician

          Comment


          • #6
            When I first saw the title I thought "uh oh, somebody's impersonating the CEO to try and scam financial info from the company."

            Then I read the post. And loved it! Took some chutzpah to do that but well worth it!

            Comment


            • #7
              According to the e-mail I received from the IRS (the real IRS) the CEO scam is real although they were stating the scammers were trying to con payroll and not IT.
              Figers are vicious I tell ya. They crawl up your leg and steal your belly button lint.

              I'm a case study.

              Comment


              • #8
                Quoth Cia View Post
                According to the e-mail I received from the IRS (the real IRS) the CEO scam is real although they were stating the scammers were trying to con payroll and not IT.
                True, they're after SSN's and other financial information to scam the company and its employees from what I understand.

                I thought they might be trying to get there via IT...

                Comment


                • #9
                  After I read this thread I came across this BBC report about scammers pretending to be CEOs.
                  "I don't have to be petty. The Universe does that for me."

                  Comment

                  Working...
                  X