Tag Archives: Phishing
Haven’t seen one of these in a while
I usually get a few spam emails daily, some are clearly phishing or attempting to get me to install malicious software. But the ‘Nigerian Prince’ scam (or 419 scam as it is more commonly known) hasn’t been popping up as often as I like. They’re entertaining to read, and I wish I got more of them. If you want to experience some Schadenfreude, there are even websites set up to turn the tables on the scammers.
Anyway, I just got one! So I’ll share it with you, let you know the ‘.co’ extension represents Colombia, and hopefully you all know not to respond to messages like this. As usual, we’ll talk about it more in class.
From: | “Thomas Kohler” <[email protected]> |
Subject: | Greetings and Good news |
Date: | Fri, February 20, 2015 3:28 pm |
To: | undisclosed-recipients:; |
Greetings, My name is Dr Thomas Kohler. I am an independent external auditor for the World Bank handling the Foreign Banks Debt Management Office. I have in front of me an abandoned transfer file containing details to an escrow account setup in your name. The file shows that you have correctly made application to have your funds released to you. It is also clearly noted on the file that the beneficiary could not handle the financial commitment required of him. Due to this the funds were pegged and abandoned.As an international independent external auditor i think it is very absurd to abandon ones funds for this simple reason. To tell you the truth i do not believe this to be true and my reason is simply because of the irregularities i noticed while compiling the audit report for the end of the financial year. I have perfected plans to have this funds transferred to you within the next 24hrs. Upon your confirmation i will give you further directives. Regards, Dr Thomas Kohler Tel/Fax: +44 709 287 5848 |
Targeted Hacking Attempts Against High-Profile Hotel Guests
Over on Wired is a post about high-profile hotel guests, mainly but not always in Asia, being the targets of what are known as spear-phishing attacks. As opposed to regular phishing attacks which target as many people as possible, and which we’ll learn about later, spear-phishing attacks target a particular individual and attempt to steal data. The specific malware used for these attacks, and the group using it, is known appropriately as DarkHotel.
To summarize the article, the attackers would upload malicious software to the hotel server, then when the target logged on to the hotel WiFi they would be prompted to download an update to some Adobe software (the article didn’t state which, however never, ever download updates over public or even semi-private networks), but what they actually got was an infection.