Dumb or Devilish? You Decide…

[Update: so far I have two votes for dumb. Maybe I'm giving this spammer too much credit, and it is a simple "spam template fail" ;-) On the other hand, while I wouldn't vote "evil genius", I'd still love to know how many people actually fall for this – I don't have a problem envisaging a naive victim. :)]

Sophos's Graham Cluley has published a blog about his contender for "the dumbest malware attack he's seen this week": spammed malware received on the 19th March with an attachment that's supposed to be a Christmas card.

Well, I take his point: it does seem pretty stupid.

But let's think about this for a moment. Of course, if you're reading this, you're probably cautious already about opening spammed attachments and less susceptible to this particular social engineering ploy (and, hopefully, running up-to-date security software which might well catch it). But if you were one of the more naive or less well-informed people who do click on attachments without thinking too hard about it, would you be put off by the anachronistic timing? Or would it make you more curious?

I think you might actually want to know who it was from and why it was so late. What do you think?

Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Also blogging at:

Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.