Re: [Full-disclosure] Fwd: Its time to take rick rolling seriously



i actually agree with this thread. but its not just rick rolling.
its any link that anayone sends.

On Sat, Apr 26, 2008 at 4:02 PM, Razi Shaban <razishaban@xxxxxxxxx> wrote:
Actually, yes.

I made a video about something similar the other day, you can find it at:

http://www.youtube.com/watch?v=Yu_moia-oVI

It elaborates on a few of your ideas, but refutes some others.

--
Razi



On 4/26/08, n3td3v <xploitable@xxxxxxxxx> wrote:
> ---------- Forwarded message ----------
> From: n3td3v <xploitable@xxxxxxxxx>
> Date: Sat, Apr 5, 2008 at 2:17 AM
> Subject: Its time to take rick rolling seriously
> To: n3td3v <n3td3v@xxxxxxxxxxxxxxxx>
>
>
> We need a big list of all the rick roll URL's, so we can protect the
> public against it.
>
> Network operators need a list of rick roll URL's to add to the block list.
>
> Can someone harvest all the rick roll URL's and post them as one list
> for folks to copy&paste into their block lists?
>
> Some of the rick rolls don't go to Youtube, some of them are
> sophisticated javascript that we need to clampdown on, so not to waste
> productivity and resources on these sites getting executed
> accidentally.
>
> If you don't think this is a security issue, its time to wake up.
>
> RICK ROLLING HIGHLIGHTS THE EASE OF PHISHING ATTACKS
>
> If you look at how many hits the Youtube rick roll got alone, then
> that goes someway in showing your average joe how easy it is to
> compromise folks through phishing.
>
> Sure, it looks harmless enough, but the bottom like is, the Youtube
> link (don't click) http://youtube.com/watch?v=eBGIQ7ZuuiU has
> generated upto 9,290,352 views in only a few months since the craze
> took off via mostly social bookmarking sites such as Digg, Reddit.
>
> Those could easily equal into 9,290,352 malicious phishes, 9,290,352
> credit cards and 9,290,352 identity frauds.
>
> Now, what happens if the cyber criminals catch onto the rick roll and
> start "cyber rolling" everyone with malicious code or links to a
> forged banking site, then that's really going to be bad.
>
> So who is keeping track of rick rolling, so it doesn't turn into a
> "cyber roll" where folks get compromised?
>
> The media and others should use the rick rolling as a wake up call as
> to how easy it is for folks to be fooled, and if its just rick ashley
> this time, it might be more than "never gonna give you up" next time,
> because it could be your cyber security and bank info you're giving up
> in the future, so i'm calling on network security professionals and
> the media to use rick rolling as a highlight case of the dangers posed
> by social engineering and phishing by hackers, which can ultimately
> lead to data loss and disaster. rick rolling should be used to
> highlight awareness of the threat posed by link-based-phishing towards
> your everyday average single mom, retired couple or the 9,290,352
> folks who have to date been "rick rolled", who are the next
> potentially phished.
>
> And, not all, rick rolling could be used be an attacker to see how
> gullible his target is to links, before carrying out a full on
> phishing attack, so there are many issues here with rick rolling which
> the security community may not have grasped up till now.
>
> If you think its stupid, 9,290,352 were and thats alarming says n3td3v.
>
> There are stupid people out there and rick rolling could be an easy
> way to find the stupid people before your ultimate attack.
>
> Carry on the uses of rick rolling below this e-mail by cyber attackers
> and the indications its giving out to folks on how easy phishing and
> socialing engineering really is on the internet today.
>
> I see a new craze of "cyber rolling" coming which hackers can exploit
> and i'm not sure if I like it very much, its fun and games at the
> moment, but just wait to the hackers catch on and things develop with
> the rick roll trend.
>
> I'm worried, are you?
>
> All the best,
>
> n3td3v
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: [Full-disclosure] Fwd: Its time to take rick rolling seriously
    ... Network operators need a list of rick roll URL's to add to the block list. ... RICK ROLLING HIGHLIGHTS THE EASE OF PHISHING ATTACKS ... compromise folks through phishing. ... what happens if the cyber criminals catch onto the rick roll and ...
    (Full-Disclosure)
  • [Full-disclosure] Fwd: Its time to take rick rolling seriously
    ... Network operators need a list of rick roll URL's to add to the block list. ... for folks to copy&paste into their block lists? ... RICK ROLLING HIGHLIGHTS THE EASE OF PHISHING ATTACKS ... what happens if the cyber criminals catch onto the rick roll and ...
    (Full-Disclosure)
  • Re: 1st Bioshock 2 screens
    ... Can anyone explain to me the point of Rick Rolling someone? ... Goatse and Tubgirl I can understand - Rick Roll I can't. ...
    (uk.games.video.xbox)