The morning spam... Oh, look what just showed up in my inbox! An email from someone I never heard of, promising me a payment if only I will paste a decryption key into the attached document and open it. Sure, that's plausible!
What's really going on, of course, is that opening that document will run some malicious code, in a document macro. Most likely it's going to try to exploit some Windows bug (and they sent it to me not knowing I have a Mac), but you never know, there might be a Mac bug to exploit too.
Do people actually fall for things like this? Unfortunately, yes – predominantly younger people (who believe themselves immortal or are just ignorant) and older people (who just don't understand the risk). Not long ago I read a study that showed about 4% of recipients actually opened things like this – even examples like this one that aren't well-targeted or particularly convincingly worded.
Don't you be one of them!
I just marked the same thing as a spam. They didn't even get my email address right in the body text. They harvested the target email from my domain registration.
ReplyDeleteBlackwater, I tell you.