I had the opportunity to examine malware whose initial infection vector was a car windshield flier with a website address. The malicious programs were run-of-the-mill; however, the use of fliers was an innovative way of social-engineering potential victims into visiting a malicious website. Several days ago, yellow fliers were placed on the cards in Grand Forks, ND. They stated:The malware exploits a vulnerability in Internet Explorer (so don't use it, mkay?), and directs the browser to a site offering a "free virus scan". Surprise! You have spyware! I particularly like the multiple exclamation points!!!!1!PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to [website-redacted]
The "antivirus" program? It's a virus.
As more people become comfortable doing business with the government online, this is an interesting opportunity for scammers. If the government's web sites have lousy security, this is a target rich environment.
Oh, and there are some real, above board online antivirus scanners. Free.
No comments:
Post a Comment