

I got rused by a fake phish

I hadn't thought this story was that funny until yesterday, when I told it to Mike and Melina Murray. That in itself says something about me that you will understand at the conclusion of my tale. Mike, Melina and I were laughing so hard at my expense. He looked at me and said "you have to blog that", and well, I hadn't realized it until then, but yes, it's worthy of a blog post.

Two weeks ago I received an email. The subject was simply "You are invited to our Halloween Party". Obviously spam, I was thinking, but just perhaps it was a real party from someone who hadn't told me they were having one. Upon opening the email, I discovered it to be an Evite to a party. Or rather, so it looked.

Immediately, without conscious thought, I was hovering my mouse over the links looking for anything strange. No odd links could be found. Yet that did not stop my process. Next, a look at the email headers turned up what appeared to be a legitimate email. "This simply has to be the best malware email delivery I've seen in a long while" was the exact thought I had formulated.

Quickly, I grabbed the entire email contents and HTML source. Then I opened up vi and pasted it all in there. Line by line I examined the contents. Every X header, every MIME type, every HTML tag was scrutinized. A few minutes later, I leaned back in my chair and asked out loud, "Where is the misspelling? Where is the remedial English?"

Still, not having fallen for this malware, this well-designed phish, I decided to just see what happened upon clicking the links. I grabbed a VM and put it on the guest network. I was bold; I was so intrigued to see what Trojan was going to get downloaded. I clicked that link with gusto. A few seconds later, an Evite loaded up in my browser. I checked the URL. I checked DNS. I examined the HTML source. I reviewed any chance of XSS. It was an honest-to-gosh Evite.
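The link and header checks described above, scripted, as an added example that is not part of the original post: a small standard-library Python script that parses an .eml file, pulls the sender, Return-Path and Received chain out of the headers, extracts every anchor from the HTML body, and flags the classic phish tells the mouse-hover catches (visible link text naming one host while the href points at another, a bare IP address as the target, plain http). The sample message, the hostnames and the addresses in it are constructed for the example and are not the Evite the post describes.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (assumption: not the real invitation). The first
# link is honest; the second shows an Evite hostname but points at a bare IP.
SAMPLE_EML = b"""\
From: Suzy <suzy@example.net>
To: andrew@example.com
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [192.0.2.10]) by mx.example.com
Subject: You are invited to our Halloween Party
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>You're invited! <a href="https://www.evite.example/party/123">View invitation</a></p>
<p>RSVP at <a href="http://198.51.100.7/login">www.evite.example/rsvp</a></p>
</body></html>
"""

# Matches visible anchor text that looks like a hostname or URL, capturing the host.
HOST_RE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:/\S*)?$", re.I)
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def shown_host(text):
    """Host named by the visible link text, or None if the text is not URL-like."""
    m = HOST_RE.match(text.strip())
    return m.group(1).lower() if m else None


def domain_of(header_value):
    """Domain part of the first address in a header such as From or Return-Path."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def triage(raw_eml):
    """Parse a raw RFC 5322 message and report sender details and per-link flags."""
    msg = email.message_from_bytes(raw_eml, policy=policy.default)
    collector = LinkCollector()
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is not None:
        collector.feed(html_part.get_content())

    links = []
    for href, text in collector.links:
        parsed = urlparse(href)
        href_host = (parsed.hostname or "").lower()
        flags = []
        shown = shown_host(text)
        if shown and shown != href_host:
            flags.append("visible text host %s != href host %s" % (shown, href_host))
        if IPV4_RE.fullmatch(href_host):
            flags.append("href uses a bare IP address")
        if parsed.scheme == "http":
            flags.append("plain http")
        links.append({"href": href, "text": text, "flags": flags})

    return {
        "from_domain": domain_of(msg["From"]),
        "return_path_domain": domain_of(msg["Return-Path"]),
        "received": [str(h) for h in msg.get_all("Received", [])],
        "links": links,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_EML)
    print("From domain:       ", report["from_domain"])
    print("Return-Path domain:", report["return_path_domain"])
    for hop in report["received"]:
        print("Received:", hop)
    for link in report["links"]:
        print(link["href"], "->", link["flags"] or "ok")
```

Run it against a saved message with `triage(open("invite.eml", "rb").read())`. The script only surfaces what a human would then verify by hand, which is the point of the post: the headers and links of the real invitation passed every one of these checks, so the tool's clean result is a reason to look harder in a VM, not a verdict.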

I had come to learn that Suzy and Jeff must have accidentally mistyped their friend's email and, as a result, I got invited to their Halloween bash. Yup, Carrie was bringing her two kids and a bunch of apples for dunking. Sarah and Doug were attending as well; they would be toting their daughter and some guacamole.

By this time, Mike, Melina and I are laughing so hard that other people in Starbucks are looking at us strangely. Through tears of laughter, Mike asks, "Did you let them know they got their friend's email wrong?"

I respond, "No way, maybe it's actually a spam troll looking for valid email addresses!"

Comments (2)

Ben:

Heh. It never hurts to be paranoid.

cvoid:

I knew my paranoia would rub off on someone eventually! That and EVITES ARE SPAM! JUST SAY NO!

Bio

Blog: Sync
Author: Andrew Storms

As nCircle's Director of Security Operations, Andrew Storms is responsible for the definition and enforcement of the company's security compliance programs as well as overseeing day-to-day operations for the Information Technology department.
Andrew's commentary on IT security issues has appeared in CNBC, Forbes and The New York Times, as well as many other publications. He is a Certified Information Systems Security Professional (CISSP) and a member of FBI InfraGard.

About

This page contains a single entry from the blog posted on October 31, 2008 11:03 AM.

The previous post in this blog was Time For Apple To Embrace A Security Development Lifecycle.

The next post in this blog is Meeting with Michael Chertoff, Secretary of the DHS.