St. Andrews School Turi Alumni’s wanted
Delta Makes Travel to Africa More Affordable with Special Fares to Kenya and Liberia
Parking tickets Scam
But that’s the latest — and intensely clever — way that hackers are attempting to goad people into visiting infected websites and willingly install malware on their machines.
The scam is instantly clever once you hear how it works: Hackers print up phony "PARKING VIOLATION" notices and plaster them on cars parked on the street. The phony ticket directs the car’s owner to visit a certain website, and of course the website in question (which largely seems to comprise of photos of badly parked cars) is a hack site which attempts to install malware on your PC.
Essentially what we have here is a phishing attack that takes place in the real world instead of via email. The use of fliers on parked cars is what’s truly ingenious: A similar attack sent via postal mail would probably have minimal effect, but people are incredibly protective of their cars, and I imagine these windshield fliers will actually have a pretty good percentage of people typing in the URLs typed on them.
The good news — for now — is that the fliers are extremely crude, printed on yellow paper and offering nothing in the way of legal language that would compel a sophisticated and naturally skeptical reader to even visit the website in question. Like the earliest email phishing attacks, this attack may be simplistic, but it’s probably a precursor of more advanced attacks to come. When hackers scan in real parking tickets and reprint them, replacing the URL printed there with one for a sophisticated attack site, then the sparks are going to start flying. (Installing malware is boring by comparison… I expect the real attacks will involve collecting money and hijacking credit cards and bank accounts wholesale.)
This appears to be a very limited attack (reported only in Grand Forks, North Dakota) for the time being, but it’s a good idea to keep your skepticism handy next time you receive a parking "violation," just in case.