A Word About Social Engineering

I had a computer brought to me this last week with a variation on the FBI Rogue with a really interesting twist. It had infected a laptop computer with an integrated webcam, taken control of the webcam, snapped a picture of the computer user, and then used that picture on the Rogue/Fake Antivirus screen. This is a new (to me) twist in what we call Social Engineering.

Now 99.9% of computer users know that you should not open that attachment on that strange email (which is likely from someone you know) or click that link in that strange email that you just got (probably also from someone you know). So how can the virus writers infect your machine if 99.9% of everyone knows not to do that?

Well, there are several ways, and absolutely everyone needs to read this article to understand what some of those ways are. But the virus writers have not given up their traditional approaches either, and thus we need to have a quick discussion about Social Engineering.

The FBI Rogue is a great example. If you actually read what it says on the screen when it infects your computer, you will see claims that your machine has been doing illegal things (or that you have), threats to file criminal charges against you, and a warning that all of this will happen to you if you do not pay them $400.00.

It is the same thing as a spam email that comes in and says “IRS Notice of Under-reported income” or “Foreclosure Notice”. Of course, all of these are lies, but they are designed to get you upset and out of your normal frame of mind. The virus writers know that if they can get you out of your normal frame of mind, then it is more likely that they can get you to click that link or open that attachment.

In the example case, my customer acted very smartly. As soon as he saw his own picture next to a screen with an FBI Logo, he immediately turned off his computer and left it off until he was able to get it here to my lab in Cypress. I was able to clean the machine for him and we prevented that FBI Rogue from spreading to anything else on his home network.

Of course the FBI Rogue has nothing whatsoever to do with the real FBI. They are just trying to scare us. Do not let them.


