But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.
It might be enough to let them steal your credit rating. Don't underestimate how much they can get from how little information.
Again, what can they gain by stealing my credit rating?
Don't get me wrong. I'm not trying to minimize the risks, but to separate dangerous reality from the paranoia that can very easily take over an Internet user's life.
PS: I got another weird e-mail today, at the same address to which the phishing e-mail came, this one claiming to be from Amazon and including a .zip, which I unzipped to a .exe, which I trashed.
Why did you unzip it? Nothing safe is ever going to come to you as a .zip in a weird email message. Unzipping attachments is almost on a par with clicking on strange links. (Almost. Clicking on the link can confirm that you received the message and read it. You've already received the attachment, though, so they get no new confirmation. But it might expand to something other than an .exe, something that has an (admittedly rare) drive-by vulnerability. Or, if you're not careful, it could be a link disguised as an attachment.)
Inveterate curiosity backed up by a - literally - 60 second old clone.
Somebody's got to stumble on new threats, so I risked a 15 minute erase and restore to check it out. (I did err, though, by not booting into the clone to do it.)
