Honey traps on the Internet
In the world of espionage, a ‘honey trap’ traditionally involves a seductive encounter designed to coax information out of an agent, or to compromise him in his work.
Of course, the life of an ordinary person rarely features such mysteries and dangers. However, he (and in the vast majority of cases it is men who are the intended targets) should be watchful too. Numerous scammers, marriage fraudsters and other shadowy characters are out to manipulate the natural human desire to find a partner. This kind of criminal has long chosen the Internet to set traps on the web pages and through advertising. They even cast their nets into your email box. So the virtual "honey trap" is not uncommon on the World Wide Web – and once dazzled by a momentary passion, a user can easily find himself left without money or with a nasty infection on his machine.
Pleased to meet you?
Online dating sites have long occupied their niche on the Internet. There are millions of users registered on major dating resources (match.com, badoo.com mamba.ru, loveplanet.ru) and the popularity of online dating could hardly escape the attention of fraudsters.
Spam emails inviting the reader "to meet a nice young girl" or just "spend a night" have become quite common. Of course, they are in no way related to the major dating portals. Responsible sites care about their reputation and regularly check their users, while on the contrary spam emphasizes that registration is not required on the sites being advertised. By clicking the links in these emails the user runs the risk of infecting his computer with malware which is usually downloaded instead of the promised photos of a beautiful stranger.
Below is an email in Russian containing an advert from an online dating site. The message offers the chance to make new friends and start serious relationships. Dates can be arranged, while special apps are offered to chat, flirt and rate photos. The recipient first needs to register.
From: Лаура Поиск новых знакомств с целью дружбы и серьезных отношений, а также попутчиков. Возможность назначать свидания. Онлайн-игры, приложения для общения и флирта, рейтинг фотографий. Регистрируйтесь, начинайте знакомиться и получать удовольствие от общения» Кто-то ждем именно Вас прямо сейчас! Это место, где осуществятся Ваши желания! {LINK} ***********.5ballov.ru |
But the link in this email led to an infected web page:
Phishing attacks are yet another threat. For example, Russian Internet users have recently started receiving mails inviting them to “adult sites” supposedly connected with the popular Odnoklassniki (classmates) social network. To access this site, users had to enter their login and password. All these sites turned out to be phishing – the scammers used them as bait to access Odnoklassniki accounts.
In addition, some of these bogus sites also asked for a phone number, potentially sparking a torrent of mobile spam.
A matter of technique
These fake sites not only pose risks associated with phishing or malware – they can also jeopardize the wealth of the unwary user.
One simple scam to loosen the users’ purse-strings is to demand registration or confirmation of age via a text message costing from 0.30 USD to 12 USD. However, once the money has been spent no access is provided – because there is no content to access.
Usually, these web resources do not last long – in a few weeks or even days the fake welcome pages of online dating sites disappear, or their content is changed to typical spam adverts (Viagra, etc.)
The mobile phone often turns out to be the ally of the “honey trappers”, who sometimes use rather crafty tricks. For example, Internet forums have started to publish messages from bewildered visitors to a dating site. They tried to communicate with the authors of the profiles via instant messaging on this website. However, they gradually realized that, far from flirting with a pretty girl, they were prompting mechanical responses from a robot. Since each message from the user was sent via a text message – at the user’s expense – the fraudsters quickly racked up profits from each visitor.
All you need is spam
Any dating site relies heavily on a large user base – so scammers use all their tricks to lure as many visitors as possible. Spam is the key tool here. Generally, unsolicited adverts promoting these web resources are distributed using very basic techniques. Most junk emails are messages containing two or three sentences and a link to a dating site. In many cases, the text of the message is generated automatically using templates of typical phrases - clearly visible if you look through several emails in a row. The format is very simple without any images. The text is primitive with lots of mistakes. All the author of the email needs is to lure the unwary recipient to a specific web resource – after that it is a purely technical matter.
Similar emails are spread widely in almost all major languages. The quality of the texts leaves much to be desired so the spammers bulk up the quantity: the volume of such mass mailings is literally enormous. The idea is very simple – there will always be a certain number of people who fall for it.
Of course, spammers do not neglect more prosaic ways of making money: the distribution of emails advertising brothels under the guise of saunas, prostitutes’ profiles, etc.
Dying to meet you
The most creative type of junk mail which has not lost its popularity throughout the years is the so-called
The more romantic authors of these letters target potential victims registered on dating sites.
The girl, who is allegedly writing the email, usually lives in a distant, war-torn African country. If the user is registered on the dating site, the girl’s first email lets him understand that she is madly in love with him. If the email arrives as part of a mass mailing, the girl’s feelings develop in the course of correspondence, becoming clear from the second or third email.
Below is one of the spam emails sent to tens of thousands users in January:
Subject: Hello my dearest Friend in mind with hope you are good healthy? Hello my dearest Friend in mind with hope you are good healthy? How are you today and your work with hope all is well? Praise the day. I am very happy to meet you today I know this mail will find you in good health and also surprised, but I believe God has his own way to bring people together considering the fact, we have not know each other in person or even have seeing before, forgive my indignation if this mail comes to you as a surprise and may offend your personality for contacting you without your prior of consent, my name is Nadine Konan Soro, it's my pleasure to contact you today for a serious relationship, I saw your profile today from your Country data base dueling my browsing in the Internet I become interested in you, I would like us to know ourselves more better I believe we can become a good Friend I like you for being my friend and I also seek advice from you that will help me, My dear, please write back to me so I'll tell you more about myself also send you my picture, Please do not let a humble heart that is lonely and looking for your reply, because friendship is a foundation to build other relatives, Remember that religion does not matter what matter is understanding and sincere matters a lot in life, I believe it's a day human beings use to know each other let makes the world a global village, I will be expecting to hear from you, I wish you happy near year and prosperous new year of the 2013 and prosperity Have a great new year and remain blessed, |
The fiancée-to-be may tell her would-be husband the heart-rending details of her life. The girl’s faithfulness is confirmed by emails from her pastor and her lawyer.
Very soon the potential groom finds out his fiancée is an heiress to a million-dollar inheritance and is willing to share her wealth with her betrothed. However, to get his bride and her money out of the country her future husband is asked to pay for some legal services. The sum may amount to thousands of dollars but it pales into insignificance compared with the millions which will soon arrive in the groom’s bank account. Having received the money, the fake beauty, the pastor, the lawyer and the millions vanish into the vast expanses of the Internet.
These tactics need long-term correspondence because very few people would agree to pay considerable sums guided by their heart rather than their head. The first emails from the potential patsy are answered by the robot but once the fraudsters understand they have got a chance to make hay, they immediately enter the correspondence. Processing a potential victim can last a long time and here an individual approach and an understanding of psychology are especially important.
Depending on the how good the scammers’ skills are, they may try to gain unauthorized access directly to a user’s account by using social engineering techniques. This approach is laborious, but it pays off: the prize is greater than that from ordinary online fraud.
Then there are the fraudsters who send emails on behalf of "Russian brides". Such emails mostly target users in western Europe and the US.
Subject: hello I just saw your profile on a dating site. You're an interesting man. And of course I liked you. I'm looking for a good, good and good guy for friendship and possible serious relationship. I send you my picture. Now do you see what I look like, and I hope that I'm your type. Reply to my email, if I am interested you. And do not forget to send me your photos. |
Unlike the "Nigerians", these "Russian" brides are damsels in distress who invest their hopes in a future with a rich husband. It turns out that they only need money to buy an air ticket and finally meet the man of their dreams – and of course they will not refuse any presents that come their way.
It’s hard to believe that anyone with any common sense would get suckered by such a preposterous story. However, according to the media, the number of victims of fake bride scams remains constant, even though these adventures may end tragically for the “groom”. Two years ago there was a story on the Internet about a US citizen who
Follow the safety rules!
The Internet offers ample opportunities for communication. However, it is not always a safe place to search for romance.
We have described only a few of the honey traps lying in wait on the Internet. To avoid disappointment, follow these safety rules:
- Do not visit unknown dating sites, especially those advertised in spam
- Do not open emails from unknown senders
- Do not reply to emails if they seem suspicious
- Do not trust excessively generous or doubtful offers even if they are made by a pretty girl or a handsome man
- And, the most important piece of advice, use reliable security solutions to protect your computer
In conclusion, we wish our readers success in finding their true love – and avoid the bait of the fake paramours lurking on the Internet.
НОВОЕ НА САЙТЕ
Главная
Методы обнаружения вирусов
Классификация антивирусов
Недостатки
Новости антивирусов
Антивирус Касперского
Антивирус Dr.Web
Антивирус Nod32
Антивирус Panda
Антивирус Avira
Антивирус Avast
Антивирус AVG
Вирусные новости
Горячая лента угроз и предупреждений о вирусной опасности!
Лента уязвимостей
Новости Безопастности
Вирусный Лист
Аналитические статьи
Каталог
Спам в июле 2011 года
Обзор DDoS-атак во втором квартале 2011 года
Спам во втором квартале 2011
Развитие информационных угроз во втором квартале 2011 года
Обзор вирусной активности - июль 2011
Наборы эксплойтов в первой половине 2011 года
Спам в июне 2011 года
Обзор вирусной активности - июнь 2011
Дети онлайн: техника безопасности
TDL4 - Top Bot
Спам в мае 2011 года
Землетрясение в Японии - хронология IT-угроз
Спам в первом квартале 2011
Спам в апреле 2011 года
Развитие информационных угроз в первом квартале 2011 года
Спам в марте 2011 года
«Рекламный» ботнет
Обзор вирусной активности - март 2011
Спам и закон: осеннее противостояние
Мобильная вирусология, часть 4
Планета, захваченная спамерами
MYBIOS. Возможно ли заразить BIOS?
Спам в августе 2011 года
Обзор вирусной активности - август 2011
ZeuS-in-the-Mobile - факты и догадки
Обзор вирусной активности - сентябрь 2011
Спам в сентябре 2011 года
Спам в третьем квартале 2011
Обзор вирусной активности - октябрь 2011
Развитие информационных угроз в третьем квартале 2011 года
Спам в октябре 2011 года
Головы Гидры. Вредоносное ПО для сетевых устройств
Легальные буткиты
Онлайн-платежи - удобно и безопасно
Обзор вирусной активности - ноябрь 2011
Троянцы-вымогатели
Спам в ноябре 2011 года
Stuxnet/Duqu: эволюция драйверов
Спам в декабре 2011 года
Поздравляем, вы выиграли! или Что скрывается за лотереями в интернете
Kaspersky Security Bulletin 2011. Развитие угроз в 2011 году
Kaspersky Security Bulletin. Основная статистика за 2011 год
Kaspersky Security Bulletin. Спам в 2011 году
Спам в январе 2012 года
DDoS-атаки второго полугодия 2011 года
Мобильная вирусология, часть 5
Обзор вирусной активности - февраль 2012
Спам в феврале 2012 года
Спам в марте 2012 года
Обзор вирусной активности, март 2012
Анатомия Flashfake. Часть I
Спам в первом квартале 2012
Спам в апреле 2012 года
Развитие информационных угроз в первом квартале 2012 года
Обзор вирусной активности - апрель 2012
Анатомия Flashfake. Часть II
Спам в мае 2012 года
XPAJ. Исследование буткита под Windows x64
Спам в июне 2012 года
Развитие информационных угроз во втором квартале 2012 года
Спам в июле 2012 года
Спам во втором квартале 2012
География киберпреступлений. Западная Европа и Северная Америка
Спам в августе 2012 года
«Этот сайт может причинить вред вашему компьютеру». Как распознать и предотвратить заражение веб-сайтов
Спам в сентябре 2012 года
Безопасность ключевых систем информационной инфраструктуры: точка доверия
Развитие информационных угроз в третьем квартале 2012 года
Спам в третьем квартале 2012
Спам в октябре 2012
Kaspersky Security Bulletin 2012. Кибероружие
Kaspersky Security Bulletin 2012. Основная статистика за 2012 год
Kaspersky Security Bulletin 2012. Развитие угроз в 2012 году
Спам в ноябре 2012
Информационная безопасность в 2030 году: прежними останутся только люди
Спам в 2012 году
Спам в декабре 2012
Нигерийское наследство ждет вас
Отчет «Лаборатории Касперского»: оценка уровня опасности уязвимостей в ПО
«Операция Абабиль»: итоги
«Медовые ловушки» в интернете
Контроль запуска программ как залог безопасности сети. Часть 1
Контроль запуска программ как залог безопасности сети. Часть 2
Спам в январе 2013
Мобильная вирусология, часть 6
Спам в феврале 2013
Winnti. Это вам не игрушки
Анализ Winnti 1.0
Спам в марте 2013
Spyware. HackingTeam
Спам в первом квартале 2013
Развитие информационных угроз в первом квартале 2013 года
Спам в апреле 2013
Спам в мае 2013
Перенаправления в спаме
Спам в июне 2013
Спам во втором квартале 2013
Развитие информационных угроз во втором квартале 2013 года
Anti-decompiling techniques in malicious Java Applets
The curious case of a CVE-2012-0158 exploit
Spam in Q2 2013
Spam in June 2013
Redirects in Spam
Spam in May 2013
Spam in April 2013
IT Threat Evolution: Q1 2013
Spam in Q1 2013
Spyware. HackingTeam
Spam in March 2013
Spam in February 2013
Mobile Malware Evolution: Part 6
Spam in January 2013
Application Control: the key to a secure network. Part 1
Application Control: the key to a secure network - Part 2
Honey traps on the Internet
Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
Spam in December 2012
Kaspersky Security Bulletin: Spam Evolution 2012
Спам в июле 2013
Как закрыть черную дыру?
DDoS-атаки первого полугодия 2013 года
Операция «Kimsuky»: северокорейская разведдеятельность?
Защита от виртуальных грабителей
Спам в августе 2013
PAC - файл автоконфигурации проблем
Проигрыш обеспечен, или настоящее лицо фальшивой Фортуны
Спам в первом квартале 2014
Спам в марте 2014
Развитие информационных угроз в первом квартале 2014 года
Финансовые киберугрозы в 2013 году. Часть 2: вредоносное ПО
Финансовые киберугрозы в 2013 году. Часть 1: фишинг
BitGuard: система принудительного поиска
Спам в феврале 2014
Мобильные угрозы - 2013
Спам в январе 2014
Угроза из BIOS
Спам-кредиторы: кража данных, троянцы и другие особенности «дешевых» займов
Kaspersky Security Bulletin. Спам в 2013 году
Спам в декабре 2013
Спам в ноябре 2013
Kaspersky Security Bulletin 2013. Развитие угроз в 2013 году
Kaspersky Security Bulletin 2013. Корпоративные угрозы
Kaspersky Security Bulletin 2013. Основная статистика за 2013 год
Kaspersky Security Bulletin 2013. Прогнозы
Новая угроза для онлайн-банка
Спам в апреле 2014
Дети в Сети: формула безопасности
Обманщики в социальных сетях
Многофункциональный DDoS-троянец под Linux
Спам в мае 2014