I’ve just bumped into some social engineering on a massive scale – spam that hit a huge number of message boards at once.
It’s pretty elementary in some ways – a post which says
Author: JonDopl (ns.km10256.***)
Date: 02 Dec 2006 20:12
Andre call me ,please ! Or my ICQ – 256***** .Sorry for offtop o:( .
Regards.
Of course, the message won’t have a long life span – spam like this gets deleted pretty quickly from well moderated boards. This means, of course, that spammers have to continually think up new ways to grab a user’s interest.
Anyone who’s curious, or foolish enough, to try contacting the icq number could end up receiving anything, ranging from unsolicited advertizing to a link to a brand new worm. Yesterday’s spam is a clear attempt to move away from a banal offer towards dialogue with the user. After all, an ICQ number could easily have a bot at the other end – a bot which might even manage to persuade the user that it’s a human being. And if a user thinks there’s a human being on the other side of the screen, s/he’s all the more likely to open any links sent…including those that lead to new malware.
An inventive approach