Combining Social Engineering & Malware Implementation Techniques
Cybercriminals will often use a combination of social engineering methods and malware implementation techniques – in order to maximise the chances of infecting users’ computers:
- Social engineering methods – including phishing attacks – help to attract the potential victim’s attention.
- Malware implementation techniques – increase the likelihood of the infected object penetrating the victim’s computer.
This was one of the first worms that was designed to steal personal data from users’ online accounts. The worm was distributed as an email attachment – and the email contained text that was designed to attract the victim’s attention. In order to launch a worm copy from the attached ZIP archive, the virus writers exploited a vulnerability within the Internet Explorer browser. When the file was opened, the worm created a copy of itself on the victim’s disk – and then launched itself, without any system warnings or the need for any additional action by the user.
A spam email – with the word ‘Hello’ in the subject line – stated ‘Look what they say about you’ and included a link to an infected website. The website contained a script that downloaded LdPinch – a Trojan virus that was designed to steal passwords from the user’s computer, by exploiting a vulnerability in the Internet Explorer browser.
Combining Social Engineering & Malware Implementation TechniquesKaspersky
Cybercriminals will often use a combination of social engineering methods and malware implementation techniques – in order to maximise the chances of infecting users’ computers...