A number of sites online ask you for your email address and password. Most often, I tend to be skeptical and yet, being a sucker for a beta test, I often cringe and give in. That is what happened today when I unwittingly gave my credentials to a site called Snimmer. (I do not wish to link to it since I believe it should not be given any sort of links). Bottomline Snimmer is EVIL. It sends out a clandestine invitation to all my friends on Gmail impersonating it as though it came from me legitimately. What is annoying is that it DOES NOT ASK FOR ANY CONFIRMATION.
Here is a snippet of the email it sends out:
SNIMMER - My Web IM Space
Hi, this is my IM Page on SNIMMER. You can chat with me there:
http://akshayjava.snimmer.com/
This really makes the case for the use of OpenID and OAuth. If you are aware of any other sites that are misusing user credentials, leave me comments and I will check on these to compile a blacklist of untrustworthy sites.
Recent Comments