We're all wary (and weary) of receiving a 'dodgy' tweet or email that leads to an even dodgier site. These are now becoming nastier, with payloads embedded in Twitter links, with random '@'s being used to catch users' attention.
The image above is an example of a shortened url, which leads to a site hosting some JavaScript. The potential pitfall of a shortened url.
Trendmicro explains that if this link were to be clicked, an “unpleasant payload” would be downloaded to the unsuspecting user’s PC.
Other recent examples include the Gaza and FIFA World Cup spamming campaigns, which used social engineering to make users think they were clicking on a news item. The malware downloaded in these cases were able to send and receive files and retrieve user names and passwords.
ليست هناك تعليقات:
إرسال تعليق