Hackers are using fake parking violation warnings to trick motorists into visiting malware-infested websites. The innovative social engineering trick was pulled off in Grand Forks, North Dakota using windshield fliers with a website address linked to a booby-trapped website. The fliers said: PARKING VIOLATION This vehicle is in …
Im actually quite impressed with the amount of effort these guys put in to hook someone!
One could give out fake parking fines with a fake payment URL.
Honestly these scammers have no imagination.
You think that's impressive, you should see the number of volunteers they've got lined up for the 25-million-infectees-in-one-day version!
So the local council never got a single CCTV image of these dirtbags?
I asssume these flyers were simple home DTP ( any use that term anymore? ) knock ups, not produced from a professional print-shop?
No one even noticed someone prowling about simply sticking flyers to windshields?
That is what I was thinking the scam would be. But that is too traceable, better unnoticable malware to keep stealing over many weeks and larger amounts than a parking fine,..
How in the world do you get a parking ticket in North Dakota, unless by parking in front of a fire hydrant or blocking an emergency-room entrance?
You get a parking violation in North Dakota for parking next to a Moose. Provided Sarah Palin hasn't shot and gutted the Moose yet.
Do they pay people to stick it to the car or do it themselves? Easily catchable for numerous offenses if its them themselves doing the sticking..
Also: Hide in car with shotgun. I'm just saying..
>How in the world do you get a parking ticket in North Dakota, unless by parking in front of a fire hydrant or blocking an emergency-room entrance?
Errrr.... Clue in the title perhaps...
Wheres my stick...
If I get one of these I'm gonna walk down the street and find the unmentionable piece of crap resposible for issue and let the heavey end of my stick deal with them.
...to see that the vast majority of malware these days relies pretty heavily on social engineering tactics.
This goes to show that the modern OSes are actually pretty secure. All those security patches have pretty much paid off. We've come a long way in terms of security since the days of the windows 98 password "protection".
I guess it's hard for a lot of us to remember that security wasn't even considered an issue in the early days of computing. Way back then, we were all completely focused on getting the damn things to share stuff, not prevent them from doing so.
In a modern corporate network, there are so many teirs of security that an infection has become a rarity, and for me, a much anticipated treat. A rare chance to pit wits against some black hats ingenuity.
Alas, they rarely put up much of a fight. More often than not, the AV software will have quarantined it before I get to the workstation. Even if they sneak through that, they can usually be hunted down and deleted manually.
There was one a few months back that gave me a breif run for my money. Somehow preventing me from deleting it using a corrupted NTFS permission. All i needed to do was place a full denial permission on the file for the local system account, and that stopped it dead in its tracks from being run.
The weakest component these days is the LNAK (A tech support term I picked up back in the days - stands for Loose Nut At Keyboard).
I think the blaster/sasser worm was the last virus I can remember that could spread without any user intervention. Even then, if you had a firewall - even the built in XP one enabled, it couldn't get in.
A firewall, and AV scanner with decent heuristic algorythms will be pretty much Domestos.
For those non-UK residents, Domestos is a bleech advertised with the slogan "kills all known germs. dead."
Paris, cause she's bound to be harbouring something!
"view pictures with information about your parking preferences"? That doesn't even make sense.
I've heard that the response of the local university was to send out a message telling people to not go to the site. Which would have been fine, except they listed the URL. Looks like the perpetrators got a free one.
Re: North Dakota?
"How in the world do you get a parking ticket in North Dakota, unless by parking in front of a fire hydrant or blocking an emergency-room entrance?"
I suspect parking on top of another car will attract a parking ticket. Even in North Dakota.
@The Fuzzy Wotnot
Putting flyers or leaflets on cars is fairly common as a means of advertising, so it's not likely to attract attention.
I guess some of the victim's PCs ended up getting Forked then!
- Analysis Oh no, Joe: WinPhone users already griping over 8.1 mega-update
- Opportunity selfie: Martian winds have given the spunky ol' rover a spring cleaning
- OK, we get the message, Microsoft: Windows Defender splats 1000s of WinXP, Server 2k3 PCs
- Spanish village called 'Kill the Jews' mulls rebranding exercise
- NASA finds first Earth-sized planet in a habitable zone around star