20 January 2007
Shadows of Cyberspace: "Dynamite Phishing:" Is it spyware or phishing? You be the judge.
One of my folks got an email today purporting to be a notification about Windows file errors. Now, he didn't follow any links in it - since I taught him to watch out for that sort of thing - but I ran into a small dilemma while examining it.
The email linked to a randomly-generated subdomain on a domain close to sick-online-games.orgy (for obvious ethical reasons, I won't put a working link to a possibly dangerous domain here).
I'm pretty sure that this email used a technique which I don't have a proper name for - deceiving users into downloading a program that claims to do something beneficial, but likely does something malicious.
While "Trojan horse" might apply to this program, it seems to be a poor fit. When I think of a Trojan horse, I think of something at least somewhat targeted; this thing seems to be spewed out at random. What it really is, is a combination of spyware and phishing.
Expounding on the analogy of "spear phishing" - which is a phishing email specially crafted and targeted to a single person or company - I propose the term "dynamite phishing."
In real life, some (unscrupulous) fishermen have used dynamite (or other suitable explosives) to stun or kill large numbers of fish, which then float to the surface.
Similarly, a computer program (malware) distributed through a phishing email would have much more potential impact - power - than simply scamming the user out of a single set of information. That malware could continue to spy on the user and steal information indefinitely; it's the "dynamite" in dynamite phishing. ¶ 1/20/2007 05:22:00 AM
One of my folks got an email today purporting to be a notification about Windows file errors. Now, he didn't follow any links in it - since I taught him to watch out for that sort of thing - but I ran into a small dilemma while examining it.
The email linked to a randomly-generated subdomain on a domain close to sick-online-games.orgy (for obvious ethical reasons, I won't put a working link to a possibly dangerous domain here).
I'm pretty sure that this email used a technique which I don't have a proper name for - deceiving users into downloading a program that claims to do something beneficial, but likely does something malicious.
While "Trojan horse" might apply to this program, it seems to be a poor fit. When I think of a Trojan horse, I think of something at least somewhat targeted; this thing seems to be spewed out at random. What it really is, is a combination of spyware and phishing.
Expounding on the analogy of "spear phishing" - which is a phishing email specially crafted and targeted to a single person or company - I propose the term "dynamite phishing."
In real life, some (unscrupulous) fishermen have used dynamite (or other suitable explosives) to stun or kill large numbers of fish, which then float to the surface.
Similarly, a computer program (malware) distributed through a phishing email would have much more potential impact - power - than simply scamming the user out of a single set of information. That malware could continue to spy on the user and steal information indefinitely; it's the "dynamite" in dynamite phishing. ¶ 1/20/2007 05:22:00 AM
