Wednesday, August 09, 2006
Cynthia, your card is missing
I received an e-card today from Cynthia. "Who is Cynthia?" you ask. (Hmmm, as an aside, how should that sentence be punctuated? Having a question mark and a full stop seems wrong, but so does putting the question mark right at the end.) The answer is "dunno". Anyway, as you can see from the text of the e-mail:
------------06F1A6C9E59C735
Content-Type: text/html
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Hello ,
</font></strong>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>You received an "Original Card" from Cynthia<br>
To see your card, <a href="http://original-ecards.biz/usa/ecard_recipient.html">click here</a></strong></font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>This "ecard" will be stored for one week, so<br>
print or save the "ecard" as soon as possible.</strong></font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Thanks again for turning to 'original-cards'.</strong></font></p>
<p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Harry Berg</strong></font></p>
</body>
</html>
------------06F1A6C9E59C735--
the URL doesn't have any kind of cookie associated with it, which means it probably isn't personalised in any way with a real e-card, but also that I can paste the link into a browser and see where it goes.
Where it went was a redirect to a site selling e-cards. So, in short, this is a spam e-mail which uses social engineering to get you to go to an e-card selling site.
It strikes me as a particularly nasty and dangerous security risk. Let's say I spam 10,000 men with an e-card from Cynthia. A small proportion of those men will actually know and possibly love somebody called Cynthia and may be tempted to send something back. They log into the site which is helpfully linked to at the bottom of the card and hand over credit card details...
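The observation above (a card link with no per-recipient identifier is a sign of a bulk mailing rather than a real e-card) can be checked mechanically. The following is an added example, not code from the original post; it parses the quoted e-mail body with the standard library, pulls out every link, and labels a link "generic" when it carries neither a query string nor a long opaque path segment. The sample message headers and the 12-character token threshold are assumptions.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: the e-card body quoted in the post, wrapped in minimal
# headers so the standard library can parse it as a complete message.
SAMPLE_EMAIL = """\
From: Harry Berg <cards@example.invalid>
MIME-Version: 1.0
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

<html><body>
<p><strong>You received an "Original Card" from Cynthia<br>
To see your card, <a href="http://original-ecards.biz/usa/ecard_recipient.html">click here</a></strong></p>
</body></html>
"""

class _LinkCollector(HTMLParser):
    # Collect every href from <a> tags in an HTML body.
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            self.links.append(href)

def extract_links(raw_message):
    """Return hrefs from every text/html part of a raw RFC 2822 message."""
    msg = message_from_string(raw_message, policy=default)
    collector = _LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_content())
    return collector.links

# A genuine per-recipient card link normally carries a lookup token: a query
# string or a long opaque path segment. The 12-character threshold is an assumption.
_TOKEN = re.compile(r"[A-Za-z0-9_-]{12,}")

def is_personalised(url):
    # True if the link carries something that could identify one recipient.
    parsed = urlparse(url)
    return bool(parsed.query) or any(_TOKEN.fullmatch(s) for s in parsed.path.split("/"))

def assess(raw_message):
    """Map each link in the message to 'personalised' or 'generic' (no token)."""
    return {u: "personalised" if is_personalised(u) else "generic"
            for u in extract_links(raw_message)}
```

A "generic" verdict alone does not prove spam, but combined with an empty greeting like the "Hello ," above it is a cheap signal worth surfacing in mail filtering.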