It was only a matter of time before criminals figured out how to use social networking sites.
Late yesterday, the AFP reported that there's a new phishing attack afoot that spoofs a YouTube link, and takes users to a page that looks astonishingly similar to a legitimate YouTube page. Once users arrive there, they're fooled into thinking that they need to upgrade some software in order to view the clip -- and instead of that upgraded software, a piece of malware will be downloaded.
"It's good enough to be indistinguishable from the real thing," David Perry told me in a phone interview. He's the global director of education at Trend Micro, a computer antivirus and security company that detected this exploit a few days ago. "We expect this to show up in chat rooms, in blogs."
Last week, a thief who robbed an armored truck outside of a Bank of America in Monroe, Wash., used Craigslist in possibly the most ingenious way possible.
The guy posted a job looking for road maintenance workers, and gave specific instructions where to wait and what to wear. The robber hit the bank and ran out of the bank wearing the same outfit, presumably to confuse the police, and escaped in a waiting inner tube in a nearby creek. Apparently he's still on the loose.
Earlier this year there were reports of similar phishing scams on MySpace and Facebook.
So with all of these sites being used in some way or another to scam people, one tech blogger, Jeremy Wagstaff, now wonders if sites that indicate presence, like Facebook messages, Dopplr status updates, Twitter messages and others, could be used as a way to perpetrate similar types of scams.
The idea goes like this: You leave a Dopplr message that says you're halfway around the world for the next week. Therefore someone who is reading your Dopplr feed (likely someone you already know in person, or at least have an Internet relationship with) also knows exactly where you live. Then you get robbed. Right?
Meh. That's a lot of information that you're assuming a perpetrator would need to know. It seems way more trouble than it's worth. For a criminal wanting some quick cash, there are easier ways of doing it. If I were targeting a person that I already knew, then perhaps this could work -- but it still seems highly unlikely, and highly inefficient.
But by Wagstaff's logic, it's a wonder that Hasan Elahi hasn't been robbed yet.
In the end, crime will always adapt to the times and the technology, and there's not much we can do about it.
[via TechDirt]
Shares