You know the one - take your first pet’s name and your mother’s maiden name. Fluffy Delamere*, har-dee-har.
I was discussing this with a friend and said, well obviously it’s just a scam to get you to reveal your personal info - after, all, what are two of the most common “security questions” for password resets, online banking or whatever? What’s your mother’s maiden name, and what was the name of your first pet. My friends says this is ridiculous and that I’m being paranoid.
I suppose it might have started as an identity theft scam, IF:
-a complete stranger asks you what your porn name or soap opera name is, ANDIF
-he also asks you for your real name, ANDIF
-he also asks you for the names of instititutions with which you have internet-accessible accounts.
Me, I’ve only ever seen the porn and soap name thing queried on anonymous internet discussion boards, or in person with friends.
I think the vast majority of folks who forwarded the meme were just doing it for fun, and I would imagine the person who thought it up just thought it up for fun.
But, I think your conditions for successful ID theft are too restrictive:
-The scammer doesn’t have to be a complete stranger; people often scam their friends and acquantances. And anyway if you were an ID theft victim, you probably wouldn’t suspect your pals. Also, the scammer could send the meme email out to a whole group of people he is very loosely affiliated with (say, everyone in his class or everyone on a listserv he recently joined) and expect that some people in the group will respond even though they don’t know the sender personally. Alternatively, the scammer could compromise Bob’s email account and use it to send the meme to everyone in Bob’s contact list, in which case the recipients think, “Oh, that Bob! What a card!”
-If the scam is being conducted over email (which is the way I always saw the meme), the scammer now at least has your email address, and probably your name. If it’s being done on a message board, a certain number of people on the board will either share their email addresses in their profiles or will use their handles as their email addresses. If not, the scammer can try to game the password reset function of the message board to get into your profile, where your email address could be found.
-If he can get into your email by gaming the password reset feature of that, he probably has information on institutions you do business with because they have sent you statements or other correspondence. Then, he can game the password reset to those sites, or use the “email me a new password” feature. Or, the email account might be the end goal itself. A lot of the phishing scams I’ve seen were ultimately just going after the victim’s email account so they could stage spamming campaigns from it.
So, BadGuy does this: joins “Romance Readers Email Group”; participates lightly; sends “porn name” meme to everyone; gets a bunch of replies; goes to work on their email accounts; defeats the password rest feature on some small percentage of them; if there is banking information in the account, attacks the bank logon, if not, uses the email account for spamming; Profit!
Again, I’m not saying this was widespread or that the person who thought it up intended it. Just saying it is certainly do-able. And, I imagine that at least some criminals tried it and succeeded. Scammers are willing to fail a lot if they have the possibility of scoring big. One victim with a few grand in the bank makes it all worthwhile for a guy pounding a keyboard in Nigeria.