Most of the buzz around the awards season centers itself around the winners, and the audience’s and critics’ biggest bets. While contenders are not quite set aside as a settled affair, it’s always still sufficiently delightful to await the disclosure of what remains a mystery to all: the Academy Award winners. As we know it, the Grammy’s, Golden Globes, SAG awards, and Critic’s Choice awards serve as the precursor that suggests the competitive slate of nominees for the biggest prize-giving night happening on February 22. This culmination has brought many enthusiastic fans and pundits to search, discuss, and even write on their blogs about movie releases, awards schedules, premieres, and other events related to it.
As the stakes run high for this month’s huge awards night, cybercriminals are coming up with their own list of surprises to victimize unwitting users. Unfortunately, the quickest way to an eager fan’s heart is through cleverly-strewn gossip, stories, and offers, which the bad guys have efficiently mastered. In the past, we’ve seen poisoned search results, suspicious links, and other fake offers that lead to malware download. Just like an actor’s captivating tour de force, most cybercriminals are experts in using these social engineering techniques especially during high-profile events like the awards season.
[Read more on The Most Popular Social Engineering Lures Used in 2014]
Before you revel in the final vestiges of suspense, know first how you can protect yourself from various online threats by learning what they’ve been using as lures to fool you. Here’s a breakdown of a few of the schemes used. The nominees are…
Technique used: Invisible ink and microfont
Even if the Golden Globes are over, people continue to search for the latest news on celebrities, after parties, and other succeeding events tied to the occasion. You can see in the first photo an email wherein a message appears to be normal. However, in reality, spammers are using the invisible ink technique which you can see in the second image.
This technique is used to conceal gibberish words or phrases while using the same font color and background color (i.e. font color: white; background color: white). The unknowing user will not be able to tell that the email is actually malicious. In the third image, attackers used micro fonts to hide the suspicious looking links.
The widely anticipated Academy Awards is already steering fans towards the wrong direction. Based on our findings, cybercriminals are using this popular event to lure users to open spammed emails. These emails, just like the ones we found in Grammy-related threats, use the invisible ink technique as well. Hence, users won’t be able to tell if the email is malicious or not.
Buzz-worthy events are among the most popular baits cybercriminals use. If you’re not careful, you may end up hacked, robbed, and distressed, as they are ultimately after your money, your identity, and your network as well. While there can be many ways for an attacker to get to you, you can take these simple steps to avoid social engineering attacks:
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.