Digital Security

Digital Security: Using MS Word Documents to Deliver Viruses

I must be some sort of masochist: I've always been fascinated by computer-hacking, but never more than when it's directed at me. Every couple of months I'll get a mail in my inbox that sets off alarms. In most cases, they're obvious attempts to get ahold of my C.C. info; today, it was somethig a little more interesting: a socially engineered attempt at delivering a payload via an attached Word Document. Exciting!!

Think it's only executables (i.e., .exe files) you need to stay away from? Think again. Today, that virus is coming to you courtesy of your good friend: the MS Word document. But first, let's look at the delivery. Today's attack comes with a bittersweet coating of Social Engineering.

Tags

Digital Security: Domain Ransom at Computerbright.com

Another scam hits my inbox! Developer's wouldn't find this one particularly interesting, but it's exactly the kind of e-mail I expect my clients would follow up on. Also, cool twist: it involves Nazis. The premise is simple: we own a version of your domain, and unless you pay us for it your brand will suffer. If you're a business owner and you've received an e-mail from computerbright.com, know that nothing about them seems legit.

Background

Here's what it looks like; I get an e-mail from "Nathan" at computerbright.com explaining that his company owns the .NET version of my domain. Obviously, if I care about branding, I'll want to buy the domain from them. Since benevolence is a pillar of their core beliefs, computerbright.com is willing to part with the domain for a mere $599 dollars.

Tags

Digital Security: An Upwork.com Scam on Linkedin?

The Nigerian prince scam is a thing of the past. Here's a story you might, under the right circumstances, actually want to believe. Still--everything about this reaks of scam!

Social networking isn't really my thing, but I keep a profile on LinkedIn. I never put a lot of energy into it, but I check in every now and then and I try to review my profile once a year--just to make sure things are still up to date. It pretty clearly says on my profile that I'm a freelancer, and I leave myself open to work even though I'm really not; I don't mind seeing what's out there, you know.

Tags

Subscribe to Digital Security