Friday, October 24, 2014

Too Much, the Magic Bus

Anybody get one of these?  It got kicked out into my junk folder. You can click the graphics to enlarge them.


If you did, of course you know better than to click on the embedded link.

I doubt it actually came from the Bloombergians. They never did notify me when I asked them to let me know when the bus would be in town--although I did get some emails from someone who said he was with the tour and would sell me the schedule.  See?

Unfortunately, the IP for that went to BulletMail/Yahoo in Sunnydale, so further tracing was problematic. And no, of course I had no intention of paying someone obviously setting out bait, but it is nice to know they employ such principled people.

The IP Address from the first email's source code goes to a site for the National Laboratory for High Energy Physics (KEK) in Japan.

Whoever the malevolent mind behind this obvious attempt to lure recipients into a malware trap is, the fact that my edress was selected for this particular bait leads me to suspect this is more directed than random.  And while I don't suspect an authorized Everytown plot, I do question how secure they have kept their email lists.  You'd think with a billionaire behind them, their precautions against such hijacking would be first class.

But that's all vulnerable to the quality of people being employed, isn't it?  And as you can see from my bus tour mercenary, that's pretty obvious.

1 comment:

Anonymous said...

The higher a person's visibility on the Internet, the more vulnerable a person is to targeted attack attempts.

All the bad guys seem to just love using malware, including government actors in the NSA.

Here's a link to an EFF article on such a topic, which talks about some details of attacks on journalists.

https://www.eff.org/deeplinks/2014/01/vietnamese-malware-gets-personal

As the potential damage from such attacks goes up, the responses needed to limit the damage also become increasingly inconvenient. Using a dedicated computer to open files and links from strangers (in lieu of ignoring them entirely) can be a significant barrier to attackers, particularly if the dedicated computer is regularly wiped clean either manually and/or by using a "virtual machine" set up within the dedicated computer.

Approaches using dedicated hardware concern some criminal entities so greatly that they have plans and means which can be used to intercept electronic hardware from the factory and install their malware before the hardware is ever delivered.

http://www.theinquirer.net/inquirer/news/2344392/nsa-is-accused-of-sneaking-backdoors-into-hardware-exports

-PG