Ever received an email unsolicited (yes we know you get spam) to your work or personal email address? Found an account of yours compromised and that you can’t log in? Gone onto messenger and had messages from someone you don’t know popping up? So just how do they do that? how do they know who you are and how do they get your email or messenger IDs, and is there anything you can truly do about this?
I often see an email in my Hotmail inbox from someone I know that looks out of context, not something I would expect them to send. Perhaps a “have you see this picture of yourself on site“ or “I saw this great product and you gotta take a look at it – check it out at“, accompanied by a malicious link.
Likely what has happened here is either their mail account itself has been compromised or their email address has been harvested and a spoof email (an email that looks like it’s from them but isn’t) has been created.
So your friends start receiving emails, messenger messages or even Facebook messages from what purports and looks to be you, but its not! Who really is communicating with them and how have they got your identity so easily? These are malicious attackers riding on the back of your personal equity with that person, to entice them into trusting the message they have just received, from what they think is you.
Why are the attackers taking this approach? A knock at your front door and you look out the window, a stranger you may ask for ID, not answer the door or act on alert, someone you recognise your going to open the door and welcome them in, right!? Exactly the reason that in the electronic world they are taking this approach, disguising themselves as you and knocking on your friends electronic doors.
The difference is that at your real door it is very difficult, nigh impossible for someone to disguise themselves to really pass as a friend you have known for years – electronically this becomes easy. Getting a person’s details often is surprisingly easy, checkout for example people you know on Linkedin and Facebook alone and see how quickly you can gather their personal details – You will be surprised how many post their mobile number onto their linked in profile and often their full DOB and marital status.
Married women often on linked in even put their maiden name in brackets in their ID name (so that old friends can still find them), but of course maiden name is often a security identifier used for authentication. Now check their Facebook profile, often linked to from their Linkedin profile, assisting you in your profiling and quickly you can find yourself with a ton of personal data on someone and also details of their friends too.
It’s not far from this to take a further step and steal their identity, launch a malware attack onto them through a malicious or fake Linkedin email request (an email looking like a link in connection but from a fake link and site). Once you have one login of your victim your away and can often piggy back from this into obtaining further logins they may have with similar ID’s or the same password. Now send a message to all their friends who will more than likely believe the message, link or payload as being from a known trusted friend and hence drop their guard, click away and hence themselves become infected or compromised.
Ever been on a messenger such as MSN and found random people adding you , often as a guy it will be a sexy sounding female name with a picture of a model looking girl – too good to be true – YES of course it is !!
This is an growth area called SPIM – spam over instant messenger, where your email ID has been harvested from perhaps your facebook profile, linked in posting or even a posting on a discussion board where you have left your email address as openly visible. You then get a random linkee request to chat and hey presto they have you hooked into a dialogue. During which often you will get a link presented saying something like “hey did you see the picture of you I saw / posted here http://example.co.uk and of course clicking here to see it leads you to a drive by infection.”
Add to this were now seeing text message spam and even recently instances of Blackberry messenger spam and fake contact additions, where someone tries to add you on Blackberry messenger for example, similar to the MSN example above. In all these instances the attackers are your trust in real people as your vulnerability.
Once they compromise one of your ID’s it often leads to a snowball effect as they either use that to attack your friends from your account or utilise it to get into other accounts of yours (for example maybe you have the password reset for your facebook stored in your gmail folders – once into gmail they have this too!) All too many users also still use the same password on multiple sites for their own simplicity, of course this is useful until one of your logins is exposed and then they all become at risk.
If they have access to your main email account also consider this: that they can then perform a password reset on other sites sending it to your mail account, changing the password and in effect not only copying your login but replacing it so they and not you can get into your accounts.
Do not assume electronically a message from a known email address, facebook ID or messenger name is the person you think it is. Do not trust it any more than you would someone unknown when receiving odd links and suggestions to go to web sites. Do not assume that message is safe just because it appears to come from a friend. Ensure you have the best malware protection enabled on your device and that you remain cautious. Far too many are falling foul to these social masquerading scams and losing personal data, privacy and money!