Threat Level: green Handler on Duty: Kevin Shortt

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Social Engineering Alive and Well

Published: 2014-08-20
Last Updated: 2014-08-20 14:11:43 UTC
by Kevin Shortt (Version: 1)
0 comment(s)

The muse for this diary is far from hot off the press. Many of you may have already come across the click through scam on Facebook reporting a video recording taken of Robin Williams moments before his death.  

In case you had not heard, Robin Williams is a popular American movie actor and entertainer that recently took his own life at the young age of 63.  The general public's open expression of grief for his passing has given some evil doers an opening to take advantage of human emotion.

Snopes.com has a write up on this scam. [1]   I can offer a couple of details on it.    
An image like this one will show up in your Facebook feed enticing you to click to view the video of Robin Williams.



Once the link is clicked, it will bait again the user to fill out a survey and provide some information. (PII)
The following image is the next step.


 

By clicking through this type of scam it opens a list of vectors for the user to be exploited. So please beware, educate your family, friends, and co-workers.

Let this also be a wake up call for other soft spots.  The ALS Ice Bucket challenge is viral marketing success, that could easily be exploited. So don't always trust and feel the need to meet your curiosity.

Safe clicking.

 
[1] http://www.snopes.com/computer/facebook/robinwilliams.asp

 

0 comment(s)
ISC StormCast for Wednesday, August 20th 2014 http://isc.sans.edu/podcastdetail.html?id=4113
Diary Archives