Richard Freeman on 14 Jul 2010 08:26:45 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Laptop recovery--useful data to collect?


On 07/13/2010 10:10 PM, Randall A Sindlinger wrote:
If you make a honeypot "banking" encrypted directory, you'll
probably be more likely to get a bite.  Why reformat when you can
copy it off, crack it, and get account numbers, etc?


You could mix in some social engineering.  Include the "bank's" phone
number and instructions for resetting your credentials, address, etc.
Make it look like you copy/pasted them out of some email/etc.  Something
like:

If you lose your PIN and need to update your trust fund payment
information please contact <phone-number-you-control> and ask for
customer service.  Please provide them with your account number
4837284, and the PIN recovery code 152875-43XB.  They will issue you
a new PIN number, and work with you to update the contact information
on your account.  Be sure to save these instructions in a safe place,
as you will need to have this information to access the
$27,245,873.23 that currently resides in your account.

Then when you get a phone call you can carefully "authenticate" them,
and be sure to get the correct mailing address and bank account details
so that they can try to drain your account.

And no, I didn't write that email you just got from your long-lost
cousin in Nigeria...

Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug