It’s getting pretty tough out there on the web, and now the once fairly safe world of social networking is getting dangerous too. Now I’m paranoid, really paranoid online and allegedly should know what I’m doing. I have some of the best security certifications and tons of Microsoft exams (although did cheat a bit on those – sorry Bill), and a lot of DNS experience. But I am getting pretty darn close to clicking some sort of virus ridden link, this stuff is getting very real, very quickly.
A few years ago, most of the online scams involved extremely crap emails (usually from Nigeria) with hopeless stories about dead relatives/princesses/benefactors wanting to leave money/swindle governments/etc . Their spelling and grammar was awful and they used words like ‘modernity’ which made you think what the f#ck is going on. This was good, it was stupidity, perhaps desperation so therefore at least the damage was minimized. But of course it still caused wide scale misery for lots of trusting or perhaps greedy individuals.
It’s changing though, and changing quickly – the crappy scam emails from Nigerian benefactors are going, they are now different. They are now plausible, well written stuff with the occasional deliberate spelling mistake added for realism. What’s worse for the depraved, drunken, half witted (I qualify on several) they’re getting subtler.
How about this – appearing on your Facebook page.
Let’s be all professional here – it’s a picture of a young lady standing in her underwear at the start of a video. For a start, most males under 80 would by now have clicked on the image and I can’t say I blame them. It looks like a webcam, it looks like she’s going to take some more stuff off. But what happens is you get prompted to install an update to Adobe Flash before you can view it. Which let’s face it sound legit and many would proceed, this is the point where you’re caught and all the dodgy stuff gets installed on your computer – oh f**K you may think.
It’s worse because it’s in a safe feeling environment like Facebook, you think you’re protected, but you’re not. I confess I would have fallen for this myself, my security training would have counted for nothing – I was saved by my OCD. Come on girl, hang that bag up somewhere properly, don’t leave that red sock on the floor. I am aware of how sad I have become.
It’s clever on many levels, the video appears to play for a few seconds (but that’s actually an animation in the image), all the urls are shortened and encrypted. The end result is that it installs a Trojan Agent which spreads via your Facebook account.
So the conclusion? She may be a hacker’s deception, but I wish I could have watched the real video. Perhaps they’ll send the real one out next week 😉