ESET Issues Icelanding Alert

Cybercrooks Invent New Scams As Thousands Stranded By Volcano Dust

With millions of people being stuck worldwide because of the volcano eruption in Iceland, cyber crooks have quickly come up with a modern scam based on the old 'friend in need' approach.

Security experts at ESET have detected an increase in scam mails  being sent by people claiming to be friendsasking for a loan of  cash so they can   get home from places where they are stranded.

Imagine receiving a mail or message from a "friend", possibly from a hijacked Facebook friend's account, or an e-mail address, saying they're stuck at a foreign airport and urgently need some money. Wouldn't you feel compelled to help a friend in need?

A suggestion for an untraceable Western Union transfer is conveniently placed in the plea urging you to quickly do what you think is your friendly duty, but in reality, warns ESET,  it will make a scammer somewhere very happy.

So how can you spot and avoid such scams?

Here is Eset's advice:

1. Well, you can be very suspicious of such messages, however they arrive and wherever or whoever they come from. If it's clear from the headers that it was sent to more than one person, or doesn't indicate that the sender actually knows anything about the recipient other than their address (no personal touches) and so on, be careful.

2. Don't even think of responding to the request until you've verified the source with extreme prejudice.  It's always better to ring your friend instead!

3. The absence of personalisation (personal touches in the message that indicate the sender actually knows you well) is a pretty good indicator of untrustworthiness (and characteristic of all generalized phishing messages).

Remember If  a mate  was going to tap you for a few thousand, she'd probably ask after your spouse and children, for instance, however upset  she was.

However,  do bear in mind also that not all social engineering attacks are untargeted. Remember that someone who has compromised your Facebook account, for instance, would have access to your profile and those of your friends, not just your account details and contact lists, so they can actually learn many private details.

4. If the way the message is expressed is uncharacteristic (especially if it sounds more "foreign" than you'd expect), that's a pretty good indication that you're not talking to the person you think you're hearing from.

5. Be particularly skeptical when a "friend" (or, even more suspiciously, an acquaintance) wants you to send them cash by a scam-friendly channel such as Western Union. These transfers are untraceable and you're very unlikely to ever see your money again.

6. Scams are sometimes very inventive in social engineering terms, but not necessarily hi-tech: take reasonable precautions to avoid having your accounts (email, Facebook, other social networking sites) compromised.

Use hard to break passwords, don't use the same password for multiple accounts, and be on the lookout for any attempt to trick you into giving your password away, and that will reduce your attack surface.

"Icelanding" is a term derived from "Londoning", a term used to described these sort of scams in the past.

See more here:
http://www.eset.com/blog/2010/03/23/londoning-mugs-and-muggings-revisited

Visit Reflex - ESET Distributor in Ireland

People reading this article also read....

More ESET News on IrishDev.com

More Virus News on IrishDev.com

More Twitter News on IrishDev.com

More Facebook News on IrishDev.com

Get Instant Updates....

Join IrishDev.com on Facebook and Twitter