[Full-Disclosure] New Social Engineering for MS03-32

From: Michael Tighe (mtighe_at_appliedmessaging.com)
Date: 09/29/03

    To: <full-disclosure@lists.netsys.com>
    Date: Mon, 29 Sep 2003 10:52:06 -0400
    
    

    I got an "interesting" email this weekend. Someone is
    suggesting that I go to their site to send an email
    greeting card to someone and use that to SPY on them:

            "Spy on Anyone by sending them an Email-Greeting Card!
            Spy Software records their emails, Hotmail, Yahoo,
            Outlook, ACTUAL Computer Passwords, Chats, Keystrokes,
            PLUS MORE..
     
            Check up on your SPOUSE, KIDS, or EMPLOYEES!
            Follow This Link To Begin... "

    This has two layers of social engineering: one, it causes
    you to click on a link. If you've not got a completely
    good patch for (or are not immune to) the MS IE ObjectTag bug
    (http://www.microsoft.com/technet/security/bulletin/MS03-032.asp),
    then you can catch something.

    But even if they are offering a valid service, it looks
    like what they are doing is capitalizing on the fact that
    your "anyone" isn't patched either - because by getting them
    to open your greeting card, you can use MS03-32 to install
    spyware.

    Yeesh!

    PS: the URL in my email appears to be

           http://www.goohle.us/index.php?afil=1025

    Your mileage may vary. I liked that the DOMAIN name was
    "goohle" rather than "google". I almost didn't notice
    the misspelling. A preliminary look suggests that
    "goohle" is used as a keyword for pictures and websites
    of a specific sort.

    -- Michael Tighe
    email: tighe@appliedmessaging.com
    phone: 781-676-6700
    MSN Messenger: tighe@appliedmessaging.com

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

