Full Disclosure mailing list archives
New Social Engineering for MS03-32
From: "Michael Tighe" <mtighe () appliedmessaging com>
Date: Mon, 29 Sep 2003 10:52:06 -0400
I got "interesting" email this weekend. Someone is suggesting that I go to their site to send an email greeting card to someone and use that to SPY on them: "Spy on Anyone by sending them an Email-Greeting Card! Spy Software records their emails, Hotmail, Yahoo, Outlook, ACTUAL Computer Passwords, Chats, Keystrokes, PLUS MORE.. Check up on your SPOUSE, KIDS, or EMPLOYEES! Follow This Link To Begin... " This has two layers of social engineering: one, it causes you to click on a link. If you've not got a completely good patch (or not immune to) the MS IE ObjectTag bug (http://www.microsoft.com/technet/security/bulletin/MS03-032.asp), then you can catch something. But even if they are offering a valid service, it looks like what they are doing is capitalizing on the fact that your "anyone" isn't patched either - because by getting them to open your greeting card, you can use MS03-32 to install spyware. Yeesh! PS: the URL in my email appears to be http://www.goohle.us/index.php?afil=1025 Your mileage may vary. I liked that the DOMAIN name was "goohle" rather than "google". I almost didn't notice the misspelling. A preliminary look suggests that "goohle" is used as a keyword for pictures and websites of a specific sort. -- Michael Tighe email: tighe () appliedmessaging com phone: 781-676-6700 MSN Messenger: tighe () appliedmessaging com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- New Social Engineering for MS03-32 Michael Tighe (Sep 29)