Beware: Walking Dead Phishing Schemes and Malware
This post is meant to inform people that Walking Dead phishing schemes, and the malware associated with them, will appear in the coming days. What follows is from my own perspective. While I make every effort to be thorough and hit every aspect, there are times that I inadvertently omit things or skip them due to scope, time, length or applicability. Email any questions you have about this or any other topic to [email protected]
This seems to be a growing trend: every time a major pop culture event occurs, fraudsters and other schemers take to the internet to deceive. Tonight’s Season 7 premiere of AMC’s The Walking Dead is no different.
I have not noticed anything phishy talking about who met Lucille (Negan’s baseball bat covered in barbed wire), but I assure you – they are coming. This will be akin to Prince’s death, the (upcoming) election, and Hurricane Matthew (pathetic – I know). The posts and emails will be targeting two groups of people: the super fans who cannot get enough of The Walking Dead and those who are clicking only for the pop culture reference or to jump on the proverbial bandwagon.
Expect something to this tune:
This capitalizes on the urgency, status quo, fitting in, or suspense that successful social engineering attacks aim for. While the victim may find out who (if anyone) was killed on the show, they may get more than they bargained for. Read my advice below for some tips to stay secure.
My advice to you in staying secure during these possible times for major hoaxes is to follow these tidbits of wisdom:
- If it seems too good to be true – it probably is.
- If it claims to give inside information or spoilers ahead of time – it will probably spoil your system (with malware).
- Only view reputable sites and social media for such news. If for a TV show like The Walking Dead, check AMC (or the appropriate network).
- When clicking links on social media platforms, hover over the link and observe the website that it’s sending you to.
- If the website is a shortened or obscure URL like bit.ly (nothing against them, but this is a popular attack method), right-click the link, choose “Copy Link Address”, then go to VirusTotal (a Google project), select URL, paste it and click “Scan It!”
  - This will tell you if the URL is known to be malicious. Just because it says no does not mean that the site is safe; it may not have been reported enough yet.
  - You can also use this site to upload software and check it for malware.
- Ask someone like myself or another information security professional.
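The hover, shortened-link and reputable-site checks from the list above can be automated for a pasted post or email. This is an added example, not code from the original post; the shortener list, the trusted list, the sample message and the names `host_of`, `is_trusted`, `LinkAudit` and `triage` are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions: short illustrative lists and a constructed sample post with placeholder hosts.
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "goo.gl", "ow.ly"}
TRUSTED = {"amc.com"}  # the network's own site, per the advice above
SAMPLE = """<a href="https://bit.ly/EXAMPLE">Who met Lucille? Spoilers here</a>
<a href="http://amc.com.spoilers.example/twd">www.amc.com/the-walking-dead</a>
<a href="https://www.amc.com/shows/the-walking-dead">Official page</a>"""

def host_of(url):
    """Lower-cased hostname of a URL or of a bare 'host/path' string."""
    return urlsplit(url if "//" in url else "//" + url).hostname or ""

def is_trusted(host):
    # Exact match or true subdomain only; "amc.com.evil.example" must fail.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkAudit(HTMLParser):  # collects [visible text, href] for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append(["", dict(attrs).get("href") or ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][0] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def triage(html):
    """Return {href: [reasons]} for links that deserve a closer look."""
    parser = LinkAudit()
    parser.feed(html)
    findings = {}
    for text, href in parser.links:
        host, reasons, text = host_of(href), [], text.strip()
        if host in SHORTENERS:
            reasons.append("shortened: destination hidden, scan before opening")
        elif not is_trusted(host):
            reasons.append("not a trusted domain")
        shown = host_of(text) if "." in text and " " not in text else host
        if shown != host:
            reasons.append(f"text shows {shown}, link goes to {host}")
        if reasons:
            findings[href] = reasons
    return findings
```

A link that passes this triage is not proven safe; as with the URL scan, it only means nothing obvious was wrong.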
How attackers can streamline this for your area
Simply using hashtags associated with The Walking Dead or TWD would be a “spray and pray” approach. Alternatively, they can use Justin Nordine’s OSINT (Open Source Intelligence) Framework. This allows various attack methods, but for this, I would recommend using Social Networks > Twitter > Location / Mapping > GeoChirp or MIT Map. This allows me to look at maps of areas and see what is trending on Twitter in near real time if the person tweeting has location services on.
Alternatively, I can take a page out of Justin Seitz’s book and write a Python script that interacts with the Twitter API (Application Programming Interface) and looks at tweets within a certain context, such as hashtag, user, or geographic area. This could also be used to build tweets and poison the well, so to speak. For this, I can integrate with other tools like OSINT Framework or Social Engineer Toolkit to build a good phish, back story, or pretext for attack.