lundi 31 août 2015

Weird spoof email

Let's suppose MrsB has the first name Vera, and she has a distant friend called Carol Clark, who she hasn't heard from for some years, but both are in each other's address books we assume.

So VeraB gets an email from Carol.clark@xyz.com, with a generic message signed 'Love' and a suggestion that she click the embedded links.

This goes straight to MrsB's junk mail box in Hotmail, and she spots it but is well-trained enough not to click the links.

I contact Carol via FB, warning that *it seems* her address book might have been harvested for contacts, and wondering whether she might have a virus and that maybe it's wise to do a full scan.

Carol replies that the source email address is not one of hers at all, and she's pretty firm about that.

How did that work? How were people in Carol's (?) address book targeted with a source name that's known to the recipient, unless Carol's address book was raided?

late thought: was MrsB's address book raided to generate plausible names for virus-ridden emails for MrsB to click? Is this whole post "debugging by confession"? :)


via International Skeptics Forum http://ift.tt/1MYCjRq

Aucun commentaire:

Enregistrer un commentaire