Continuing the conversation about what helps us and what prevents us from achieving our goals, I will not open America by arguing that good mood and self-confidence help. The inverse elements are Bad mood and self-doubt get in the way.

Let's trace one of non-obvious sources fear And uncertainty.

“Letter of Happiness” and the hidden threat - Psychology of influence.

I think each of us gets from time to time the so-called " Letters of happiness". They promise some kind of gift, profit, unexpected beautiful love or something else very good and usually desired by people. One minus is that there is always a threat at the end of the letter. Moreover, the threat is total, as in the letter that I received today.

I received it in the form of a message on Odnoklassniki from my highly respected classmate, with whom I relate very well and enjoy maintaining a relationship. (Original spelling)

“January is a special month. This month has 5 Mondays, 5 Saturdays and Sundays. Such a coincidence happens once in 823 years. They call it “a bag of money.” Send this message 8 times good people and the money will “go” into your hands, according to Chinese Feng Shui. Anyone who stops this message will have material luck turn away from you.”

I don’t want to quarrel with a classmate, but nevertheless, this moment has long surprised me - why don’t people think with their heads when they do such things?

If you remove all the fantasy from this " chain letters“, then in the end there will be one simple message left: do what you are told, otherwise it will be bad.

As one Internet entrepreneur wrote in one of his newsletters, “Get rich - or die!” - no freedom of choice:0)

That is, at the beginning " chain letters"you get very good wishes- and there is even an illusion that this is what good man- wishes you so much good! And then you read the end - and you have to make a decision.

1. Send your good but brainless classmate to all 4 directions;
2. Send a letter to 8mi good people and ruin their day too;
3. Spit and forget.

I have not fulfilled the second point for many years, no matter what letters I have received.

And there is only one drawback to this - I can no longer take people who send them to me seriously. Well, if a person is not able to think, how can you take him seriously?

Quote from Wikipedia:

"Luck"

Letters in this category appeal to prejudices and superstitions, promising good luck if the letter is reproduced, and misfortune otherwise. Often such letters are called “prayer letters,” since many early representatives of this category began with a quotation from the Bible. It has been suggested that this was a result of the requirement to distribute prayers from the Roman Catholic Novena devotion of 1898 or as a result secularization promises and threats from holy letters. In the 20th century, with the advent of duplicating technology, such letters were first simply copied from paper originals, and then switched to digital form and began to be sent by email. e-mail.

But let's look at another one like this interesting point. I think that most people skip it - but in vain. Last phrase- if you listen carefully to what is happening inside - it clearly clings to... fear.

Tsak! - and fear manifested itself.“Screw it, I’ll send it better, just think, it’ll only take 5 minutes.” But whether I will make a profit or not – this is not known (I haven’t received it until now!), but I will be able to avoid danger!”

And this is " letter of happiness“is a very good test of personal responsibility for one’s own actions. And the presence of unconscious fear inside.

Because if you have realized the fear, then you can already work with it. You may be interested in this moment and ask yourself a few questions.

How to work with fear:

1. What is the nature of this fear inside? Do I truly believe that “my luck will leave me” if I don’t follow through on this threat?
2. If I don’t forward this letter, what basis can I rely on that bad things won’t happen to me?
3. If I have discovered this fear in myself, how can I work with it? How to remove? What to replace it with?

You may well say to me: “Come on, why are you clinging? Well, a letter and a letter. I didn’t send it, and that’s okay. Why dig so deep here?!”

A wave of spam has overwhelmed the popular instant messenger

WhatsApp users suffer from numerous messages that are distributed to them by their friends. Despite the fact that the messages are clearly spam, many themselves contribute to their sending. Experts are confident that the letters do not pose any threat to smartphones, and we are actually talking about “chain letters” that have migrated from mailboxes to the online environment. However, it is almost impossible to get rid of such spam, since its authors take advantage of people’s IT illiteracy.

whatsapp flooded with “letters”

Users of popular WhatsApp messenger V last weeks We encountered strange messages allegedly coming from the WhatsApp administration. The first version of the letter contains several messages at once (apparently composed of earlier versions), the essence of which boils down to the fact that you need to send this message to your contacts. Various reasons are given: to update the messenger, to confirm your activity, to update emoticons, to continue using it for free.

Despite the fact that the messages are in the nature of outright spam, many users fell for the bait of the authors of the mailing list, and “chain letters” began to roam the Internet.

The legacy of ICQ and classic “chain letters”

The first version of the letter can be easily found on the Internet. Its use began several years ago.

This is a typical “letter of happiness”, which appeared in the form of messages that were thrown at mailboxes with a request to “rewrite this message 15 times, always by hand, and throw it in other boxes” with examples that those who did this will definitely be lucky, and those who don’t will be a terrible failure, says Alexander Galkin, development engineer Microsoft and columnist for Realnoe Vremya. - Even at the dawn of the development of instant messaging services, it migrated to the ICQ messenger, popular in the 90s, where a flower of different colors was used as an indicator (red - offline, green - connected). Therefore, if the letter mentions that the status indicator will turn blue or something else, this is simply a variation of the same ICQ version of the chain letter, which migrated first to Odnoklassniki and the messenger from Mail.Ru, then to Skype, and now I’ve reached WhatsApp. The purpose of this message is simply to create a stream of unnecessary trash messages, to have fun.

“The purpose of this message is simply to create a stream of unnecessary garbage messages, to have fun,” comments Alexander Galkin. Photo facebook.com

Actually, its distribution on WhatsApp began in 2013. It was then that the first massive wave of such spam was recorded. After this there were several more bursts. The last major one was in 2015.

The fact that these are unofficial mailings is immediately clear in incorrect spelling the name of the application is WhatsUp instead of WhatsApp, the official developers do not allow such errors, not to mention other, already spelling, errors, explains Alexander Kalinin, head of CERT Group-IB.

“Horror stories” about paid messages are also intended for those who are new to the messenger. The point is that previously WhatsApp already was paid: after the first year of using the program, users had to pay a nominal fee of $0.99 for each year of use. However, the administration of the messenger canceled this condition in January of this year.

“Horror story” about the “advertising monster” of Facebook

The second message was created specifically for WhatsApp. It reminds you that the messenger was purchased by Facebook, and now it will be flooded with advertising from the social network if you do not perform certain operations in the settings. In fact, the sale happened back in 2014, and Facebook still hasn't merged it with the company's existing messaging app.

The sale to Facebook made it possible to keep the messenger application itself free, says Alexander Galkin. - However, according to a popular Internet quote: “if you don’t pay for something, it means that you are not a customer, but a product!”, the cost of creating and maintaining a constant readiness infrastructure for transmitting messages is far from small, so for To continue operating such a service, it is necessary to have a monetization plan. A relatively “simple” placement would be advertising banner directly in the application itself, but this is exactly what the creators of WhatsApp did not want from the very beginning. Therefore, a model was chosen in which the messages that he sends, pictures, etc., are analyzed by automatic algorithms, and based on this, the user is shown correctly selected advertising in other Facebook applications(primarily in the social network application itself or on its website). And the message sent to users draws attention to this.

According to Galkin, like any message of this kind, it contains elements of exaggeration and intimidation, which are used to enhance the effect: “It allegedly says that after some time this setting cannot be changed (which is not true, the setting is already there more than 3 months and has not disappeared anywhere) and that if you remove it, Facebook will not receive information from your phone (the checkbox only limits the possibilities of using this information, and not the fact that Facebook received it, which is not even specified). I think that the authors were initially motivated by a desire to draw attention to the protection and use of personal information by large corporations - I have seen similar messages regarding settings in Windows 10, in relation to Facebook and Google. However, as the message spreads, it acquires new facts like a “deaf telephone”, gradually turning into a semblance of the first message.”

“There may be a risk if the message contains some kind of link that leads to third party resource with exiting the application,” says Efim Klimov. Photo facebook.com

Harmless but annoying

According to experts, chain letters do not pose a direct threat.

There may be a risk if the message contains some kind of link that leads to a third-party resource with an exit from the application, says Efim Klimov, CEO IT company "Etton". - You can get some kind of virus. Or if you open a browser window and enter your personal data, attackers can gain access to it. The message itself, which is sent from one user to another user within the application, is safe.

Another problem may be sending files, but chain letters do not contain them either.

The very forwarding of a message to friends simply leads to further dissemination of the message; there are no other (tangible) problems here, as long as you are sending just a message in the form of text, and not a binary file into which a virus or Trojan can be added, Galkin develops the idea. - Hardly at all modern level development of the message transmission infrastructure, this will lead to overload and failure of the system - it will just be a little annoying for users with a large number contacts who will receive these messages from many channels. Making any changes to the configuration of applications or the computer can lead to more serious consequences.

Galkin believes that it is very difficult to protect yourself from such messages, since they use “social engineering” - the IT illiteracy of some users: “You can hurt yourself, but someone’s mother will still send such messages even after 20 explanations, when she accidentally receives them from one of her contacts. The right decision- just ignore, and if a person really cannot understand, then explain.”

However, there is still a certain danger in “chain letters,” says Alexander Kalinin: “In the above messages, requests and recommendations are safe, but once you get used to performing the actions sent to you in mailings, one day you may not even notice how you have done something completely illogical actions that could lead to serious consequences such as loss Money. Similar methods are still used by scammers who literally zombify their victims over the phone, forcing them to part with their savings on their own, without resorting to any technical means. And it’s not just people who become such victims. retirement age, as is commonly believed."

The usual functionality of the application is known to everyone: blocking third-party contacts. But if friends send it, there’s nothing you can do about it,” says Klimov.

P.S. other material about spam attacks:

Dmitry Semyagin

The history of “chain letters” goes back to Ancient Egypt. There existed Book of the Dead, where the promise was kept - those who are buried with this book will certainly be resurrected. In the Middle Ages, these letters were called "holy" letters. These were letters of a religious nature. They contained prayers and amulets, teachings that had to be carried with oneself and distributed among people. They were also called “heavenly letters.”

What is a “chain letter” now?

The modern “chain letter” is sent primarily via email or social networks. A “chain letter” promises the recipient or his loved ones something (happiness, health, luck, money) in exchange for passing it on. It is philosophical, mythical or instructive in nature, sometimes it contains a parable. Most often, such letters are intended for schoolchildren and students, or rather for their excessive gullibility and emotionality.

A “chain letter” can be disguised spam, which can also infect your computer with viruses.

The structure of a “chain letter”

As a rule, a “letter of happiness” has the following structure:

- Name;
– a legend or parable about the origin of writing;
– information about where the original letter is stored;
- proof supernatural power document;
– requirement to forward a letter to a certain number of people;
– time limit;
– for sending a letter on time, promising good luck or punishment for ignoring the letter.

“Letters of happiness” are always anonymous. They often contain untruthful facts. No one can know for sure how many times the letter has traveled around the world or where it is actually stored, if it actually exists.

Other types of chain letters

Sometimes "chain letters" go beyond just a game and fall under the "" category. In addition to the main text, they contain a note that you need to transfer several rubles to the specified account. Then you need to open your account and wait. After 5, 10, 30 days “you will be happy” in the amount of a certain amount of money.

There are letters asking you to post a certain message on your friends’ social network walls. Depending on how many and what kind there are, you can find out yours or something else.

There is also a type of letters asking for help. Such letters most often tell about a serious illness of a person (usually a child). The letter simply begs for help. Often these letters are untrue. If you really want to help a sick person, then take the trouble to check his contact information, contact the hospital, etc.

Also, “chain letters” are sometimes figuratively called notifications sent by Pension Fund about accrual or recalculation of pensions, as well as letters with issued fines for traffic violations.

Each person decides for himself whether to succumb to manipulation with the help of a chain letter. It is better if you treat this as a game, a fantasy, without allowing yourself to be zombied.

Letters that we don't want to receive and that we don't want to waste our time on are always annoying. But let's figure it out and separate meat from dairy, grain from chaff, old people from children, and criminals from mugs.

Letters of happiness, “chain letters” messages coming from your friends have nothing to do with spammers. However, to common sense too. No 5 cents will be sent to Yahoo, AOL, or any other company for forwarding this letter to help a sick child. For doing “forward”, no one will send you new phone or a laptop as a gift. And the ancient Indian Guardian of Happiness will not send a blessing of falling stars into your karma. Well, on the other hand, the Most Terrible Ancient Chinese Curse will not haunt you either.

Who does this? There is no exact answer, but apparently, these are just people with a very strange sense of humor. Everyone has their own jokes, some like that the letter they wrote travels around the world on its own.

Among people who have little understanding of spam technologies, there is an opinion that in this way spammers collect email addresses in order to then send their terrible spam to them. This is an extremely naive assumption for several reasons: a) when forwarding a letter further (“forwarding”), the previous sender has no opportunity to obtain any information about it; b) this is simply an extremely ineffective way.

How do spammers find me?

For those who are not interested in the hardware, feel free to jump to the end of the article :)
There are several main ways.
The first and most widespread are harvesting attacks.. The spammer has a network of computers, his own or “captured” (bot-net). Millions of emails (empty, without spam) are automatically sent out from it. To random addresses like vasya, vasya1, vasya2, etc. The domain is not important here, you can choose one today, another tomorrow. If there is no such address, the mail server sends a response like:

Those. "there is no such address." Hence the conclusion - the remaining addresses exist. Then it’s a matter of technology - to save those addresses from which the answer was not received that they do not exist - and voila, there is a database.
Sometimes spam is sent out in the same way. They sent it to 30 million random addresses, they guessed 3-4 million, and that’s fine.
Method two - hacked/infected email addresses (compromised accounts). The method is more complex, less massive, and is more often used for clever spam from the series “Sorry that I haven’t written for a long time, I suddenly lost my temper and went to a seminar in ***, I’m stuck here without documents, please urgently send me XXX money, I’ll come right away I'll give everything"

Naturally, when such a letter comes from a person you know, with his address and signature, it looks much more believable.

Method three - phishing, more often used to obtain access/information about credit cards, bank accounts or access passwords social networks, but it’s worth writing a separate long post about.
When collecting a database of email addresses, this method is often used against large corporations rather than private webmail accounts. All employees of the Grusha company have an email a la [email protected]. A letter is sent to all users (in the same way, randomly) with the text “Hello, dear employee of Grusha. I, Vasya Pupkin, your IT security manager, we have implemented new system, I need the password to your email to set it up/check/whatever.” In companies where tens of thousands of people work, 1-2 will come across. And then the spammer is already “inside” and... off we go.

How to protect yourself from all this?
As for letters of good luck, you can only long and patiently explain to your friends what they are and why you don’t need to send them anymore.
With phishing, everything is simpler - never give anyone passwords to your emails (as well as credit cards, bank accounts, VKontakte, Facebook, etc.).
Do not click on suspicious links. Since you often see one address, but the link actually leads to another, hover your cursor over it and look at the bottom of the browser where it actually leads.

Rules of good manners in email correspondence:
— 1. When forwarding correspondence from one group of people to other people (if this is not agreed in advance), do not be lazy to remove the email addresses of these people from the correspondence. Everyone has their own reservations about who should and who should not be given their own email address. Plus, such sheets visually look just terrible.

— 2. When sending a letter to a group of people who do not know each other, address it to yourself, and put the recipients in blind carbon copy (BCc).
— 3. When responding to a letter sent to another hundred, fifty, eight people, think carefully about who you want
Reply - to everyone, everyone, or just to the author of the letter?

Honestly, I don’t know how interesting the topic is, so comment more actively, ask questions - I’ll understand whether to continue or not :)

May the force be with you!

The article is devoted to one of the problems of Information Security - the fight against serial mailings, which are also called “chain letters” in honor of handwritten ancestors. The first such messages, called “heavenly” or “holy letters” (Himmelsbriefe), appeared in the Middle Ages. However, we will not digress from the topic and consider the threat of “chain letters” from the point of view of Information Security:

The Hidden Danger of Chain Letters and Similar Sequential Mailings

In general, it should be taken into account that the participation of employees in such mailings is a direct reputational risk for the company, and the higher the position of the participant, the greater the risk.

Now we understand well how much more dangerous the modern “chain letter” is than its paper ancestor.
Is there any understanding for users? Who in December 2010 believes in angels?

TOP companies whose employees are actively sending the next letter of happiness.

The leaders are LUKOIL and GAZPROM. Well, of course - a huge branch network and an abundance of free time create ideal conditions for such mailings. I will not publish full names and contact information, and will limit myself to positions so as not to increase reputational risks.
1st place Gazprom:

• Deputy Head of the Personnel Development and Training Department of the Human Resources Department
• Assistant Director for Geology and Development
• Far Eastern branch of GAZFLOT LLC Chief Drilling Engineer
• Head of HR Department
• Head of Documentation Support Department
• Head of NPO Department
• Leading engineer OPRiL
• Leading specialist of Civil Defense and Emergency Situations
• Leading specialist of the planning and accounting department retail sales. OJSC Gazpromneft-Ural
• Leading specialist of the Planning and Budget Department of JSC GAZPROMNEFT-URAL
• Specialist of the documentation support department of OJSC GAZPROMNEFT-URAL
• Specialist of the accounting department for the sale of goods and services of OJSC GAZPROMNEFT-URAL
• Specialist of the fuel procurement department of OJSC GAZPROMNEFT-URAL

2nd place Lukoil

• Secretary of the Vice-President of the State Technical University of OJSC LUKOIL
• Department for accounting of borrowed funds, settlements with shareholders and employees of the Company
• commodity specialist at the Usinsk oil depot of the Northern branch of LUKOIL-Severo-Zapadnefteprodukt LLC
• Economist of the Department for Control of Tender Activities and Information Technology Support of the Directorate for Organization and Support of Tender Activities
• Trade and Procurement Coordination Department

3rd place Schlumberger Drilling & Measurements

• Storekeeper
• HSE Specialist
• D&M Logistics & Procurement Coordinator
• Recruiting & Staffing Coordinator
• RYN HSE Coordinator
• SLR ATL Okha Dispatcher
• SLB WS Coordinator
• General Field Engineer
• Sakhalin Local Transportation & Logistics Specialist
• Logistics Specialist Smith International CIS A Schlumberger Company

4.SK Ingosstrakh

• Customer Service Administrator
• Additional Director office of Ingosstrakh Insurance Company in Novorossiysk
• Head of Retail Insurance Department of Ingosstrakh Insurance Company, Stavropol
• chief specialist of Ingosstrakh Insurance Company branch in Cherkessk
• Head of the agency sales department, branch of Ingosstrakh Insurance Company in Krasnodar
• Currency Control Division of the Business Operational Support Department.
• Leading Specialist of the Operations Department Branch of Ingosstrakh Insurance Company in Krasnodar
• Branch of Ingosstrakh Insurance Company in Irkutsk Department active sales(parks) Expert category 2
• Expert 1st category of the branch of Ingosstrakh Insurance Company

5. X5 Retail Group N.V.

• HR Manager of the Krasnodarsky Hypermarket HR Department, Central Branch
• Hypermarket "Birlovo Pole" HR Department, Branch "Central"
• Remuneration Manager Labor Remuneration Department (retail, production, logistics) Remuneration and Benefits Directorate Personnel Services Directorate
• Marketing Manager, Supermarket Format, Central Branch
• Remuneration calculation specialist

6. LLC "Medkom-MP"

• Supervisor of Medcom-MP LLC
• Financial analyst for calculation issues wages LLC "Medkom-MP"
• Human resources department inspector
• Supervisor of the individual retail department of the Moscow Region
• LLC "Medkom-MP" in Surgut
• Medkom-MP branch in Perm

7e VTB24

• Chief Specialist of the Methodology and Client Strategies Department of the Department for Work with Troubled Assets of VTB 24 (CJSC)
• Department for accounting of intrabank transactions Head office, Moscow, st. Myasnitskaya 35
• Chief Specialist of the Intrabank Transactions Accounting Department
• Chief Specialist of the Department of Methodology and Client Strategies of the Department for Work with Troubled Assets of VTB 24 (CJSC)

8 LLC " Management Company BOSCO"

• BOSCO Management Company Co.Ltd.Bosco di Ciliegi, 17, Vetoshnyj lane, Moscow, Russia.
• Translator
• assistant to the executive director

9 CIUS Siberia

• Deputy Director for Economics and Finance
• expert of the Department for Organizational Development and Work with Personnel of JSC CIUS UES

10. Baker Hughes Centrilift Measure and Compare Unmatched design, service and support

• MFG Manager Production
• Supply Chain
• Cross Product Line Customer Service

Others

LLC "SIBUR"

• Directorate of Plastics and Organic Synthesis

WFT Technologies,

• Field Frac Engineer
• HR Specialist

Post office

• Directorate for Commercial Operations FSUE Russian Post 131000, Moscow, Varshavskoe sh., 37
• Commercial Operations Directorate

LLC "SibUgleMetTrans"

• manager of the contract department commercial work
• manager of the department of contractual and commercial work for transportation in universal rolling stock

URALCHEM-TRANS LLC

• Leading Operations Manager Commercial department Rail transport services
• Leading specialist of the Planning and Analytical Department

Slavia Brand Trading LLC

• VIP Client Manager
• Development Department Assistant
• Network Client Manager

METRO Cash&Carry

• Junior Category Manager Processed Meat
• Category manager assistant SPIRITS

OJSC Bank "OTKRITIE"

• Chief specialist of the retail lending department, Operational office "Novgorod"
• Assistant Manager, Operations Office "Novgorod"

In fact, the list is huge and I chose the most “distinguished” companies.

Some comments from users who forwarded the letter

Finance department
BOSCO Management Company Co.Ltd.
Bosco di Ciliegi, 17, Vetoshnyj lane, Moscow, Russia.

Comrades!!! I won't apologize because I'm sending you happiness
Read the correspondence below to see how many people and companies have already passed this letter!!! This is very cool
I wish you a positive attitude, fulfillment of desires, belief in yourself
HAPPY NEW YEAR!!!
Sincerely,
Chief Specialist of the Methodology Department
and client strategies
Troubled Asset Management Department
VTB 24 (CJSC)

I really want to believe in a miracle)))
Please do not interrupt the chain, the text is at the very bottom.

Storekeeper
Schlumberger Drilling & Measurements

What to do?

If you are an information security employee or another IT specialist dealing with Information Security issues in a company

You need to set a filter by the content of the letter:

Body of the letter:
God bless you all...
True or not, I want it to come true:
It walked all over Kazakhstan.
This morning God opened a window in heaven and asked me: what is your greatest desire today?
This was my response: Oh God, take good care of whoever is reading this letter now, his family and friends, because they deserve it. And I love them very much. God's love is like an ocean.
You can see the beginning, but never the end.
This letter will now take effect...
Those who doubt should know that the one who sent you this letter was surprised that his wish was fulfilled in a short time. Let's see if this is true.
It's true that angels exist
but sometimes they lack wings and we call them friends.
Send this letter to your friends and tonight before 11:11 you will receive a surprise:
the news you want to hear. I'm not kidding.
Someone will call you to tell you what you are waiting to hear... or an angel will bring you news in a dream. Don't break this chain. Send this letter to at least 10 people you consider angels.
P.S. It worked for me in 1 minute!!!

And it is very desirable to carry out explanatory work to inform users about the seriousness of the problems associated with modern chain letters.

If you are an IS/MS employee or run a company that is included in the above list

contact me - I will send you the bodies of letters of happiness for carrying out “work” with employees. In general, I strongly recommend reconsidering your actions in relation to information security risks. You need urgent and tough measures.

If you are a user

remember simple rules:
upon receiving such a letter:
1. forward it to your information security/IT service
2. inform your correspondent who sent this letter about the danger and inadmissibility of sending such letters.
3. delete the letter

The question may arise - who am I? I am the Head of the information security department in one large Russian company, on whose mail filters these letters of happiness “settled”. Having studied the contents, I assessed the scale of the problem and believed that only such a publication could attract sufficient attention to the problem.

Literature:

Panchenko A. A. Elusive text: prophecy and magical writing
Panchenko A. A. Christhood and skoptism: folklore and traditional
culture of Russian mystical sects. - M.: OGI, 2002, p. 341-353.
Panchenko A. A. “Magic letters”: to the study of religious folklore // Kanun. Almanac. Vol. 4. Anthropology of religiosity. - St. Petersburg, 1998 - pp. 175-216