My mom: I got the monthly bill from the mobile provider. But I can't open it.

Me: Why not?

Mom: It's in a ZIP file protected with a password.

Me *confidently*: Oh, this is a common trick. Scammers send malware like this to bypass e-mail gateway scanners.

Mom: Take a look.

So, I do. E-mail headers look perfectly OK. It really does seem to come from the mobile provider. Is this some trick I don't know?

The message addresses me correctly by name. OK, maybe they got it from somewhere.

Message says ZIP's encrypted with a password to protect data.
Password is my date of birth, YYMMDD. OK, that's not hard to find, either. But if this is an attack, it's a hell of a targeted one...

But you can see what's in the ZIP archive without entering a password; archive directory is not encrypted. It's a PDF file.

Hmm...
So, taking all precautions, I open the PDF file in the virtual machine with no Internet connection.

IT'S THE FUCKING MONTHLY BILL!!!

It's not an attack. The idiots have sent the bill exactly as the scammers do!

*That* is why we can't end phishing...
You can follow @VessOnSecurity.
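
The observation in the thread that the archive directory can be read without the password, as an added example that is not part of the original thread: it lists entry names, sizes and the per-entry encryption flag from the central directory of a password-protected ZIP. The sample archive, its file name and its contents are constructed; because Python's `zipfile` cannot write encrypted archives, the sample only sets the encryption flag by patching the headers.

```python
import io
import struct
import zipfile

ENCRYPTED = 0x1  # general-purpose flag bit 0: entry data is encrypted
SAMPLE_NAME = "bill.pdf"                            # constructed sample values
SAMPLE_BODY = b"%PDF-1.4 constructed placeholder"


def make_sample_zip(flag_encrypted=True):
    """Build a one-file ZIP in memory; optionally mark its entry as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(SAMPLE_NAME, SAMPLE_BODY)
    raw = bytearray(buf.getvalue())
    if not flag_encrypted:
        return bytes(raw)
    # The end-of-central-directory record is the last 22 bytes (no comment).
    count, _size, cd_off = struct.unpack_from("<HII", raw, len(raw) - 22 + 10)
    pos = cd_off
    for _ in range(count):
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", raw, pos + 28)
        (local_off,) = struct.unpack_from("<I", raw, pos + 42)
        for flag_pos in (pos + 8, local_off + 6):  # central and local headers
            (flags,) = struct.unpack_from("<H", raw, flag_pos)
            struct.pack_into("<H", raw, flag_pos, flags | ENCRYPTED)
        pos += 46 + name_len + extra_len + comment_len
    return bytes(raw)


def list_without_password(data):
    """Return (name, size, encrypted, readable_without_password) per entry."""
    rows = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():  # metadata comes from the central directory
            encrypted = bool(info.flag_bits & ENCRYPTED)
            try:
                zf.read(info.filename)
                readable = True
            except RuntimeError:  # zipfile: password required for extraction
                readable = False
            rows.append((info.filename, info.file_size, encrypted, readable))
    return rows


if __name__ == "__main__":
    for row in list_without_password(make_sample_zip()):
        print(row)
```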