A malware scam in the US is utilising somewhat low-tech tactics to attract potential victims, with hackers issuing fake parking tickets to vehicles across car parks in Grand Forks, North Dakota.
The innovative scammers attached fake parking penalty tickets to car windscreens across the region, advising the driver to visit a URL to see photographs and further details of the “offence”. The message reads:
This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to [URL]
The URL listed on the flyers then downloads a hack which takes advantage of flaws in Internet Explorer although attempts are also made to coerce users into installing fake antivirus scanner packages.
It is believed that the hackers have taken to the unusual method in an attempt to avoid detection through traditional antivirus software measures, which include systems to prevent email spam, phishing attacks and firewall breaches.
By using the medium of parking fines, hackers appear to have selected a subject that would typically genereate an angry response, encouring users to visit the URL to challenge the ticket.
Lenny Zeltser, an anti-virus analyst at the SANS Institute, told the Register: “Attackers continue to come up with creative ways of tricking potential victims into installing malicious software. Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we’ll be seeing such approaches more often.”