
Targeted Phishing, an example.

June 2nd, 2008

I thought it would be educative to break down a targeted phishing attempt, to help demonstrate how effective this type of attack can be.

I collect video games. In my quest for the ever rare peripheral, or the out of print classic game, I’ve often done business with strange companies based in far away lands.

One of those was a wonderful little outfit called Lik-Sang.  They used to carry all sorts of “hard to get” stuff from the Mecca of video game land: Japan.

Of course, sometimes items that were not intended for other markets could be had, like a foreign console that would enable you to play the few titles that did not require intimate knowledge of Japanese well in advance of their US release.
This behavior generally tends to be frowned upon by the manufacturer of said products. That is why they have things such as region coded games after all.

As you would have it, Lik-Sang attracted the ire and more importantly, the scrutiny of the legal department at the Sony Corporation. This was followed by some legal entanglement better explained here: http://www.lik-sang.com/ and more importantly summarized by this comment: “As of today, Lik-Sang.com will not be in the position to accept any new orders and will cancel and refund all existing orders that have already been placed. Furthermore, Lik-Sang is working closely with banks and Paypal to refund any store credits held by the company, and the customer support department is taking care of any open transactions such as pending RMAs or repairs and shipping related matters. The staff of Lik-Sang will make sure that nobody will get hurt in the crossfire of this ordeal.”

I must admit I was disappointed that they went out of business. A couple of weeks later I received an email, apparently from Lik-Sang, informing me that I have a $10 credit on my account with them. Nothing too unusual there, as I had done business with them in the past. I was a little surprised, though. I didn’t remember any credit. I read further into the email, where they kindly asked me to fill in my Paypal user name and password account information so that they can refund me my money.

Hold on, wait a minute, my username and password?  This was a phishing attempt! I would like to believe that this was created by a crafty phisher, who decided to capitalize on the downfall of Lik-Sang, but it is much more probable that someone in the IT department at Lik-Sang decided to sell the email client list on their way out. This is another painful reminder that no matter how much you may trust the business entities that you share your email address with, things may change.

So now we have to worry about who has our email address in their databases and how well they secure this information. This only reinforces my belief that the throw-away e-mail address is now a necessity. I diligently read what lands in that inbox, but everything is taken with a grain of salt.

Jean “TinFoilHatMan” Taggart

    This entry was posted on Monday, June 2nd, 2008 at 10:58 am and is filed under Phishing.

© 2009 ParetoLogic Inc.