Internet security center

Combining Social Engineering & Malware Implementation Techniques

Cybercriminals will often use a combination of social engineering methods and malware implementation techniques – in order to maximise the chances of infecting users’ computers:

Examples include:

  • Mimail
    This was one of the first worms that was designed to steal personal data from users’ online accounts. The worm was distributed as an email attachment – and the email contained text that was designed to attract the victim’s attention. In order to launch a worm copy from the attached ZIP archive, the virus writers exploited a vulnerability within the Internet Explorer browser. When the file was opened, the worm created a copy of itself on the victim’s disk – and then launched itself, without any system warnings or the need for any additional action by the user.
  • Hello
    A spam email – with the word ‘Hello’ in the subject line – stated ‘Look what they say about you’ and included a link to an infected website. The website contained a script that downloaded LdPinch – a Trojan virus that was designed to steal passwords from the user’s computer, by exploiting a vulnerability in the Internet Explorer browser.

© 2016 AO Kaspersky Lab.

All Rights Reserved.