Well, seems the virus writers are trying a new social engineering scam.

What does "social engineering" mean? That means that instead of using technology to get you to do what they want, they use psychology. For example, they've been sending out notices that you got a postcard from an old friend and tell you to click a link to view it, only the link is something like http://127.0.0.1 (i.e. all numbers instead of a real web address), and instead of going to a postcard site, you go to a site where they try to infect your computer with malware.

Their latest one, which I just saw for the first time tonight:

Subject: OMG, what are you thinking?

Body: LMAO, I cant believe you put this video online. Everyone can see your face there. LOL here is the link I got http://www.youtube.com/watch?v=KhiVpryxpIP

The thing is that they use HTML e-mail to make it look like the link goes to YouTube. It doesn't. It actually goes to an all-number URL where the most likely result is that evil people will try to install viruses and other malware on your computer.

Basically they play on your curiosity, or perhaps your fear, that there's some embarrassing video of you online where people can see your face.

Interestingly enough, this bogus mail came in through the forwarding service on a "private" domain registration. I think it's the second piece of mail I've received through that channel in about 18 months. It may be that this particular tactic is trying to target people using anonymizers and privacy services, as they generally are going to be more paranoid about their identity being revealed, which would make it more effective.

OTOH, if you're savvy enough to be using these privacy safeguards, you may be less likely to fall for the tricks they use.

This entry was posted on Sunday, August 26th, 2007 at 1:30 am and is filed under Techno Thoughts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.