 |
Second email (Fake one): Then I get another mail about the same event but this one looks more fancy.......this one also comes from a good friend. Something which made me read this mail was, I didn't get registration reply when registering through the address on the first email. You can see the screenshot of the same advert below ( I am using the screenshot as I don't want to spread the attack myself :P but one can see the url of malicious website in the redbox in bottom left ....thanks to Mozilla Firefox 3.5)
 |
I am really impressed by the ingenuity of the spammer/attacker as here the mail didn't came to me as a random email but from someone trusted. So the attack searched for me ..... :)
They knew that the event is recent .....so they were mixing familiar names with malicious links (some of the URL's point to trusted portals like Forum Nokia). Since the event info comes through network ....it reaches to a person who has a high chance of clicking on it. So, the chances of the attack being successful are even higher.
Lessons to be learned:
1. Have upgraded browser and working one (like Firefox) , which can tell you that the website you are trying to open is malicious.
2. Even though mail comes from a trusted source ....... first hover over the link before clicking on it ......if it is something malicious...I am clicking on! (like the one in above image is just an IP )
3. Inform your network about it ...so that they stop spreading attack........but inform them in a smart way (by not spreading it again) ........ :)
No comments:
Post a Comment