Now I get e-mails like this all the time - they look legit, and are scary things that try to provoke an emotional response. Stuff like "BBB Complaint" or "IRS deposit rejected" - stuff that you might see, and, being registered with the BBB and paying the IRS as a business - I might be provoked to respond too.
I wasn't ready for this one though.
A few months ago I made an order from Tiger Direct. I used an American Express Gold card and I paid several thousand dollars for the order.
Today I get this:
So what's interesting here is that this is obviously something that was phished - the amount is roughly right, the vendor, and the card are all correct. The transaction date being today, and the amount being substantial, made me think to myself "this message is legit - and indicates fraud on my account I better follow the link to chat with AMEX" and then BAM virus scanner kicks in.
Virus Spammers are not only getting more sophisticated, they are mining data from multiple sources, aggregating it, and sending highly targeted messages with embedded payloads that are likely to look very legitimate and provoke an emotional response, yielding a click through and payload trigger.
No comments:
Post a Comment