Incidents

It takes only one ‘nice’ person

In the security industry we often focus heavily on new technologies and shiny new software, and forget that so much of what we see is dependent on the person behind the computer.

Today, a co-worker of mine was sent an email from someone she doesn’t know, with the following text:

“I’m writing this with tears in my eyes,my fam and I came down here to Wales,United Kingdom for a short vacation unfortunately we were mugged at the park of the hotel where we stayed,all cash,credit card and cell were stolen off us but luckily for us we still have our passports with us.

We’ve been to the embassy and the Police here but they’re not helping issues at all and our flight leaves in less than 3hrs from now but we’re having problems settling the hotel bills and the hotel manager won’t let us leave until we settle the bills,i’m freaked out at the moment.”

Being the kind and caring individual that she is, she was naturally concerned. Should she help these people out? Luckily she asked us first.

Unfortunately this type of cry for help is all too common, as we all know; an evolution of the Nigerian 419 spam. Though it has much better grammar, and does not entice us with the promise of thousands of dollars, it does play on the weakest link in the security chain; us.

Notice the feeling of helplessness (“…with tears in my eyes…”) combined with the sense of urgency (“…our flight leaves in less than 3hrs…). It is a classic example of a con.

You can have all the security in the world, the best and most expensive technology, but if you don’t educate yourself, and your co-workers… all these systems mean nothing. All you need is someone to open the door.

It takes only one ‘nice’ person

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2021

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021.

Lyceum group reborn

According to older public researches, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

Subscribe to our weekly e-mails

The hottest research right in your inbox