After the great virus attack of 1999, for which I made the Atlanta Business Chronicle after innocently unleashing it at a client site (link not found but will include if it ever appears online…god forbid!) Since then I’ve been supremely astute at spotting and ignoring those professional looking emails and links with ill intent. Today was the day my luck almost ran out, and I came within milliseconds of getting duped by a cleverly disguised email from “NOT LinkedIn” alerting me that my “account had been blocked due to suspicious activity”.
“Oh My God!” I thought to myself, “I must act immediately and fix this horror by blindly clicking the provided link ASAP!”
I spent the last week tweaking my LinkedIn account and was immediately convinced that the good folks at “LinkedIn“ were just “looking out for my best interest“, so with this in mind I blindly clicked the link and saw my life flash before my eyes. It started with a domain I didn’t recognize and in the span of less than a half a second I was immediately taken back to that fateful day in 1999 when I unleashed the Melissa virus on one of the worlds biggest accounting firms…and my biggest client. Luckily, Google Chrome recognized the link as fallible and closed the tab down with a stern warning.
Where were you oh great Google Chrome when I needed you that fateful day 12 years ago?
I returned to the email and held my pointer over the link to reveal the offending domain. While virus protection is smart and will protect us from most attacks, it can also lull us into a false sense of invulnerability. The trick we see above is one of the oldest in the book and penetrates our real-time virus protection by duping users to do the dirty work for them. No need to write ingenious code that launches itself when viewed, rewrites itself at every reboot to fool virus protection, watches our every move and reports our passwords, contact list and site visits back to criminal headquarters to fulfill their plan for world domination. That takes wayyyy to much time. Why go to all of that trouble when us users will simply give them our username and password, the keys to our fortresses, almost willingly. Why steal when it’s so easy to take what’s given?
While virus protection, spam protection and real-time packet scanning, technical blah blah blah etc. will keep us safe from most virus code, it won’t help those of us who refuse to apply simple common sense. A mouse over the link will reveal the true destination and avert a life altering event from taking place. Common sense never needs a software update, it just needs to be applied as often as possible.
Links of interest:
[...] Glen Pridgen on July 15, 2011 Original post: Almost Fell For It – LinkedIn Scam. This entry was posted in LinkedIn Scams by spamboli. Bookmark the [...]