Social Engineering And Valentines Day
In many countries it is the custom to send a card or gift on February 14, Valentines Day.
Brewer’s Dictionary of Phrase and Fable says: “Valentine, St. A priest of Rome who was imprisoned for succoring persecuted Christians. He became a convert and, . . . he was clubbed to death. His day is 14 February. . .
However the World Book Encyclopedia and other sources give further information leading to the conclusion that this day is rooted in ancient pagan beliefs.
That being said, besides the commercial exploitation of an often uninformed public there is another danger that, according to ESET, can be summarized as “fake sites, false flirting and fraud”.
Cyber criminals target Valentines Day to engage in social engineering schemes. A typical approach is spam email telling recipients that they have “received a Valentine greeting card” and “please click to retrieve it”. The subject may include such remarks as “I love you” or “Trying to get back in touch”.
Typically these links lead to infectious websites that convince you to download rogue anti-malware software.
Other sites try to convince the public to enter their credit card information in order to proceed or to charge some sort of membership fee. Once the credit card details are given many unusual things can happen including fraudulent purchases and credit card cloning.
– Do not open e-mails if you do not recognize, whose sender you do not recognize.
– Do not open any attachments, even from known senders, unless you confirmed what they sent you and why.
– Scan any e-mailed or downloaded files with your anti-virus, before opening them.
– Do not click on any links in e-mails, unless you know exactly who sent them to you and where they lead.
– Remember that links can also be faked to look like they are leading somewhere familiar, but actually lead somewhere else!
– Do not forward or reply to chain-letters (no matter what sort of luck or fortune in love they promise you).
We might say that social engineering schemes related to Valentines day will target those that are love-struck or lonely.
A senior official from APEC Trend Micro was quoted as stating that they have already found spam being circulated as part of the start of cyber attacks in the name of Valentine.
Chatter on the internet suggests that the hacker community is gearing up for such attacks.
Individuals and especially businesses do well to contemplate existing policies (both HR and IT equipment related) relative to what might be on the far end of a link sent to an email account.
The best Valentines day hacks will be those that are pulled off without the notice of unwilling participants. Only the newbies will send up alarms when you click their links.
While a vast array of published evidence exists that Valentines day has its origins steeped in ancient pagan beliefs there exists further dangers for those who wish to participate in this day through any form of electronic medium.