Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Changing MO in scamming our users ? InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Changing MO in scamming our users ?

Published: 2011-05-10
Last Updated: 2011-05-10 22:07:30 UTC
by Swa Frantzen (Version: 1)
0 comment(s)

Today we were contacted with 2 different scams that used -for em at least- novel approaches to the social engineering part.

  • Melvin wrote in about an email in Portuguese, that after translation was accusing the recipient to have committed some traffic violations and was lining to "notifications" that were malware with minimal detection on virustotal. We didn't get the samples.
  • Roland wrote in with a story about an IM message that went something like:

  can you pleasee help me out really quick
  and take an IQ quiz for a major final
  project im doing? I need to see how many
  people out of my friends get over a 105

  just go to http://iqtesting<4 digits>.com/?invitecode=<random looking string>
  and take that test. if u do I will
  owe you big time

He also noted that recent there were a number of registrations for domain.

Seems it might be a very good time to sharpen the awareness of our users to not click all that easy on links, and if they did anyway, to be very suspicious of what they download.

Swa Frantzen -- Section 66

0 comment(s)
Diary Archives