We’ve all heard it – “Have any nude pictures of your wife? “Want to buy some?” It’s an old joke, but the Internet has given the “ Want to buy some?”, new meaning.
Straight from the headlines here in Canada – Judge temporarily off bench over online sex photos. Since this women is an Associate Chief Justice, I suppose the idea that one could view her (absent her clothes), on the Internet, makes this a titillating newsworthy event. I won’t get into the whole story here, but there’s a 67 Million dollar lawsuit involved.
In the broader sense though, it’s not much of a story. The particulars in this case may be unusual, to some extent, but the concept certainly isn’t. Google – “pics of your wife”, and be prepared for 262,000,000 links. I must admit, I was taken aback with the sheer volume of the results. It seems as if nude wife pictures has a certain cachet!
It’s no surprise then, that Cyber-crooks continue to use the “pictures of your wife” social engineering email hook, to entice potential victims to click on an email containing a link to that all time spamming champion – Canadian Pharmacy, which is (no surprise here), controlled by a Russian botnet.
So, what would you have done if you had received the following email in your inbox this morning? Would you have been curious enough to read the email shown below – including clicking on the enclosed .jpeg.
I apologize for my frankness. I’m sorry for not being able to speak to you in person, but I can only talk to you via email and I feel obliged to notify you to open your eyes, you are being betrayed.
I know it is difficult to prove, but every picture tells a story, I’ll send you these pictures so that you can see it with your own eyes. Take care…a big hug
From a good friend who is very fond of you
View photos here
As part of what I do, I occasionally follow emails like this all the way down the trail. And, in this case, I ran both the attached .jpeg, and the site, (before opening either one), through VTzilla, an Internet Browser malware checking add-on. The initial 7 engine scan showed the site to be safe. A follow-up scan with all 43 engines produced the same result – a safe site.
OK, that was cool – Firefox, Google Safebrowsing, Opera, Paretologic, Phistank, and TRUSTe, amongst others, gave this site a clean bill of health. So, I should have felt confident in opening this site, right? Well, not quite. There was one problem – I KNOW this is an unsafe site!
On attempting to open the site though, WOT, another Internet Browser security add-0n, intercepted the connection and overlaid the following warning.
Clicking on the “View rating details” button, gave me the following site information.
Here’s the point of all this:
Do NOT open titillating, or salacious emails, no matter how tempting.
Do NOT trust to a single Browser security add-on to protect you on the Internet. Any statement to the contrary is sheer BS. No such single tool exists.
I encourage you to add WOT to your Browser. For more information on this critical add-on please read – Safe, Secure Browsing, with Free WOT Browser Add-on, on this site.
For a listing of additional Browser add-ons, please read – An IT Professional’s Must Have Firefox and Chrome Add-ons, on this site.
In the final analysis, in this particular case, no harm was done. I can of course, look forward to a barrage of spam email, directed at my honeypot email account, from this botnet.
I should point out however, that of the five emails (with the heading “Your wife’s pics”), I’ve tested in the last six months, three downloaded Trojans to my test machine.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.