Vanity Scam Strokes Egos to Steal Info
Elizabeth Palermo, TechNewsDaily
Contributor
June 11 2013 01:10 PM ET
 |
CREDIT: Minerva Studio/ Shutterstock.com View full size image |
A new spear-
phishing campaign
targeting business
executives shows
that Internet
scammers hope a
little flattery can go
a long way.
The "Top 100 Executives" scam,
as revealed on the anti-virus firm
Bitdefender's HotforSecurity blog, lures
professionals into parting with personal
information, such as phone numbers,
email addresses and job titles, by
appealing to the executives' vanity.
Victims of the scam receive an email
from "Top 100 Executives Magazine of
2013 Magazine," a fake publication that
claims to be compiling a list of the most
distinguished men and women in
business. The email contains a link to a
"Registration Form" on the Top 100
Executives website. The site requests a
bevy of personal information from
victims, including their business,
mobile and home phone numbers,
company name and job title and
description.
Once a victim enters this sensitive
information, it is sent to cybercriminals,
who can use it to commit identity theft,
or even worse, create fake emails that
pretend to come from the executive.
[See also: How to Tell a Phishing Scam
Fake business emails are a prime way
for malicious hackers and cyberspies to
break into organizations. Many
successful corporate network
penetrations have started with a phony
email that prompts the recipient to open
a malicious attachment — and what
better way to get a low-level employee
to open an email than to make it looks
like it come from his boss?
As with most phishing scams, the Top
100 scam uses a few tried-and-true
tactics to get victims to part with their
personal data.
For one thing, the scam appeals to the
victims' vanity, claiming that only the
"most accomplished and distinguished
men and women" are considered for the
"honor" of being included on the
fraudulent company's list.
The scammers also try to trick
professionals into giving up their
credentials as quickly as possible,
claiming that they have previously
attempted to contact the victim and
warning them that the email is their
"final notice." This appeal to urgency is
a typical component of most phishing
scams.
Facebook, a popular venue for
conniving phishermen, is also host to a
recent scamtargeting users with
professional profiles. Much like the Top
100 Executives scam, the "Fan Page
Verification Program" bears the
phishing hallmarks of appeals to vanity
and urgency.
Other "vanity appeals" involve creating
a malicious Web page full of
information about a high-profile
individual, such as a top business
executive, in the expectation that the
executive will Google his own name
periodically and click on anything new
that comes up.
To avoid falling victim to such scams,
use your head. Don't click on Web links
embedded in email messages from
people you don't know, even if they've
emailed you at work. Use and update a
robust anti-virus program, one that
screens your browsers for malicious
links.
And, last but not least, don't let your
ego get in the way of your common
sense.
Email asklizzyp@gmail.com or follow
her @techEpalermo. Follow
us@TechNewsDaily, on Facebookor on
No comments:
Post a Comment