Last week I was busy making plans for my trip to Washington DC and Microsoft’s Worldwide Partner Conference, where I’m scheduled to pick up the Small Business Specialist of the Year award. (still happily amazed) Since the hotels in Washington DC are so very expensive I decided to give Priceline.com a try. 50% off a 4 star hotel was sounding pretty good.
Priceline works like most travel websites except that you name a price that you are willing to pay, the neighborhood you want to be in, the rating of the hotel and then you let Priceline select the hotel for you. It is a way for hotels to fill rooms, even if it’s at a discounted rate.
Naturally the website wants me to create an account and they also want me to select a secret question to which only I will know the answer. Here’s the first question in the list:
I simply laughed. Here is a legitimate website phishing. Were anyone to give them this information then it is very likely that who ever has access to it could log in all over the web as them. Raise of hands…how many of you use the same password on multiple websites? That’s right, almost everyone.
I sent it my findings to a couple of people. Steve Riley (Microsoft speaker, author, noted security guru and now Amazon Web Services employee) picked up the story for his blog. Gotta love the title.
Be careful out there.