Happy New Year! Is your resolution to get a Botnet?
Today, I received an email. “So, what,” you say, “Don’t you get emails everyday?” Yes, in fact, I do. I receive many emails, of varying importance, at numerous email addresses. Is this because I’m important? No, just like the rest of you, I have too many email accounts and receive too much junk. I, too, am trying to reach the Geek Shui balance, but, unfortunately, I’m not quite there yet! I digress, though. Today’s particular email promised me 250,000 GBP (approximately $403,500 US Dollars). Yes, 2010 started off, right! All I had to do was give all my information, via email, to an alleged UPS representative in London. They, in turn, would make sure I got it, within 48 hours. While they may have been honest about “getting something”, I’m sure it wasn’t going to be money. The attached .pdf was reportedly virus-free, which leads me to speculate it is a maliciously encoded .pdf file designed to exploit the latest Adobe Zero Day Vulnerability, reported in December 2009 and for which a patch has, as of today, been released. If it isn’t that one, it is probably something equally heinous, or, in fact, it may just be an attempt to get my information, in order to harass me personally, via telephone, email, or snail mail. In any case, I’m obviously not going to find out!
Click on the image to become a Phish-spotting expert!
*
My initial chuckle over the email’s obvious, bogus nature quickly turned to curiosity. How many people actually fall victim to this type of thing? While there are no exact numbers (or anyone to keep track of them), it must run in the millions. As an IT and Network Security professional, I could easily spot the signs, view the source, examine the headers, etc, etc. How does my knowledge help the normal computer user to avoid the threat? On this thought, Geek Shui Living put together and has now posted an in-depth (albeit, a bit sarcastic) analysis of an “Official Phishing Email”. Hopefully, it will help those, who don’t know, learn to spot the signs of a phishing email and avoid falling victim to the very real criminals who use cyberspace to conduct their sinister endeavors. If you find it useful, someone else probably will, too. So please feel free to pass on the link. In the end, it won’t save the world, but it will get you a little closer to achieving Geek Shui!
Justin E. Gehrke is the founder of Geek Shui Living. As a right and left-brained geek, he is available for consulting in the areas of Information Technology, Network Security, and creative web design and development. You can contact him via the Geek Shui Living Contact page. Alternatively, you can follow him, via twitter, and be voraciously consume his technology news commentary and random geek ramblings: http://twitter.com/GeekShui
