[Pauldotcom] Interesting spear fishing type attack
Chris Merkel
cmerkel at gmail.com
Tue Mar 9 18:39:22 UTC 2010
I've seen this before - it's generally not spear phishing though. What I've
seen happen is that a person's webmail account gets owned, and the attacker
uses the account to send that story to everyone in their address book.
They're really good, in some cases - I had an acquaintance who did business
in Laos and Malaysia, and when I got that same email, I really had to think
it through before I trashed it - the email claimed they had been traveling
in that area and gotten mugged.
- Chris
On Tue, Mar 9, 2010 at 9:39 AM, PJ Velasco <pjvela at gmail.com> wrote:
> One of the guys I work with got an email from a person he used to know
> real well years ago. The email claimed that the person was stuck in
> the UK and needed money to come back home to the states. I thought
> this was an interesting angle. Identify and research your target (as
> usual), but instead of looking for current group memberships or
> vendors you search classmates.com or other reunion type social
> networking sites and craft an email using someone they used to go to
> school with. Obviously this did not work on my coworker, but I
> thought the list would find it interesting.
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
--
- Chris Merkel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100309/ad36e961/attachment.htm
More information about the Pauldotcom
mailing list