ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Hackers vs. gray matter

<< < (2/3) > >>

crabby3:
I've been getting these for months, yet another reason why any email that contains HTML goes straight to the bin.
-4wd (September 07, 2014, 10:37 AM)
--- End quote ---

I suppose you have an idea of how your info was compromised.

But... I don't understand the hacking concept.  Sure... they get email addresses and passwords but... then what?

Bogus emails aren't gonna work.  :huh:

Maybe just making a name for themselves in the Hacking Community is enough?  Bragging rights?  Whoopee...   ;D

crabby3:
Hmmm, the one that annoyed me was the old "Your IP Address is xxx.xxx.xxx.xxx" in a forum sig graphic.  Some forums when I complained they didn't even understand why I objected to the guy with the sig having my IP.  It's weird when you have to explain why they should not allow the graphical sig to be hosted on a 3rd party site that isn't one of the known image hosting ones.

-MilesAhead (September 07, 2014, 01:33 PM)
--- End quote ---

Your reply reminds me of the early days of computer generated shopping receipts.  Listing your entire Credit Card number.

Not being a litterbug saved my bacon...   :D

MilesAhead:
Hmmm, the one that annoyed me was the old "Your IP Address is xxx.xxx.xxx.xxx" in a forum sig graphic.  Some forums when I complained they didn't even understand why I objected to the guy with the sig having my IP.  It's weird when you have to explain why they should not allow the graphical sig to be hosted on a 3rd party site that isn't one of the known image hosting ones.

-MilesAhead (September 07, 2014, 01:33 PM)
--- End quote ---

Your reply reminds me of the early days of computer generated shopping receipts.  Listing your entire Credit Card number.

Not being a litterbug saved my bacon...   :D
-crabby3 (September 08, 2014, 08:43 AM)
--- End quote ---

Heh.  I worked at gas stations back in the day of the manual roller that printed the credit card number using carbon paper.  (Probably some readers looking in Wiki to find out what carbon paper is.  Maybe it has to do with archeology?)  :)

crabby3:
Hmmm, the one that annoyed me was the old "Your IP Address is xxx.xxx.xxx.xxx" in a forum sig graphic.  Some forums when I complained they didn't even understand why I objected to the guy with the sig having my IP.  It's weird when you have to explain why they should not allow the graphical sig to be hosted on a 3rd party site that isn't one of the known image hosting ones.

-MilesAhead (September 07, 2014, 01:33 PM)
--- End quote ---

Your reply reminds me of the early days of computer generated shopping receipts.  Listing your entire Credit Card number.

Not being a litterbug saved my bacon...   :D
-crabby3 (September 08, 2014, 08:43 AM)
--- End quote ---

Heh.  I worked at gas stations back in the day of the manual roller that printed the credit card number using carbon paper.  (Probably some readers looking in Wiki to find out what carbon paper is.  Maybe it has to do with archeology?)  :)

-MilesAhead (September 08, 2014, 10:23 AM)
--- End quote ---

I recall those gas station-carbon paper days as well... when unleaded was called white gas.

FWIW  Office Depot still sells *typewriter carbon paper* http://www.officedepot.com/a/products/591273/Porelon-Typewriter-Carbon-Paper-Black-8/ along with Wite-Out.  :)  Some things never die.

Stoic Joker:
Even money says the "label" is a Trojan. :D
-Stoic Joker (September 06, 2014, 10:27 PM)
--- End quote ---

Seems like way too much trouble, making a Trojan email, just to infect someone.   :huh:   Weren't the first viruses sent via email?

Don't most folks have spam/virus filters?  Pretty weak scheme.  I'm disappointed.  ;D
-crabby3 (September 07, 2014, 10:21 AM)
--- End quote ---

Quite to the contrary, this technique - which is a variant on hacking the user - cleanly circumvents all of the security software on the users machine by peaking their curiosity to the point where they simply just shut it off.

You see the modern operating systems and software have become secure enough that direct attacks are too costly (in time) to perform in bulk. You can't just attach a naughty file and have it guarantee-ably go boom when it hits someone's inbox ... So other methods have to be used. These methods focus on the weakest link in the chain, and the weakest link is the user.

Banks, mortgage companies, tax records, shipments, money transfers ... These are all common hot topic items that are likely to cause someone to rush through resolving a seemingly really important "problem". However if the resolution actually just leaves you filling out a fake form, that then makes a fake problem go away ... The fact that you just gave all of your personal information to some hacking group in a foreign country will most likely go completely unnoticed until one of your - hundred or so - alter ego's defaults on a loan...

Many of these type of soft target attacks also leave you with a bonus key logger (and etc...) as a totally free "parting gift" to see what else you might be inclined to share.

You see the whole point of the exercise is to be obvious as hell so people get cocky and say "Ha! that was stupid" ...Because that way their confidence will ultimately work against them when the one that isn't quite so obvious (because you really were waiting on an X...) shows up and bites them in the ass.



Security is a practice that must be adhered to at all times ... It is not something you install and then blindly trust to just work.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version