Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - It's Cyber Monday - Click Here! InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

It's Cyber Monday - Click Here!

Published: 2011-11-28
Last Updated: 2011-11-28 14:30:23 UTC
by Rob VandenBrink (Version: 1)
1 comment(s)

Wait - What? Click Here?

It appears that our spamming friends are taking advantage of the Cyber Monday phenomena, and trying to phish us into clicking links in the hope of getting that awesome deal on a watch, camera, tablet or laptop.

While there certainly are great deals and reputable vendors, my personal "spam / phish" email count is 8 so far today (and it's just 9am here in sunny Ontario, Canada). Emails that appear to be from a reputable vendor, but in order to actually get that great deal, yes, you guessed it - click here ! The link that they want me to click of course does not belong to the vendor that the email appears to come from.

In roughly half the cases, it's close enough to fool lots of people. The other links are obfuscated in hex, so they don't look like anything unless you click them. Of the illegitimate sites, most of them I've looked at are distributing malware, but really they could be anything - with the count rising by the hour, who has time to check them all out?

There are some good deals out there today, but please, shop responsibly! Check that link out before you click!

===============
Rob VandenBrink
Metafore

Keywords: spam
1 comment(s)
Diary Archives