Combining Social Engineering & Malware Implementation Techniques
Cybercriminals will often use a combination of social engineering methods and malware implementation techniques – in order to maximise the chances of infecting users’ computers:
- Social engineering methods – including phishing attacks – help to attract the potential victim’s attention.
- Malware implementation techniques – increase the likelihood of the infected object penetrating the victim’s computer.
Examples include:
- Mimail
This was one of the first worms that was designed to steal personal data from users’ online accounts. The worm was distributed as an email attachment – and the email contained text that was designed to attract the victim’s attention. In order to launch a worm copy from the attached ZIP archive, the virus writers exploited a vulnerability within the Internet Explorer browser. When the file was opened, the worm created a copy of itself on the victim’s disk – and then launched itself, without any system warnings or the need for any additional action by the user. - Hello
A spam email – with the word ‘Hello’ in the subject line – stated ‘Look what they say about you’ and included a link to an infected website. The website contained a script that downloaded LdPinch – a Trojan virus that was designed to steal passwords from the user’s computer, by exploiting a vulnerability in the Internet Explorer browser.
Other articles and links related to engineering and implementation techniques
Combining Social Engineering & Malware Implementation Techniques
KasperskyCybercriminals will often use a combination of social engineering methods and malware implementation techniques – in order to maximise the chances of infecting users’ computers...
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.