[ISN] John Howard the new Paris Hilton?

From: InfoSec News (alerts@private)
Date: Fri Feb 23 2007 - 01:25:30 PST


http://www.zdnet.com.au/news/security/soa/John_Howard_the_new_Paris_Hilton_/0,130061744,339273788,00.htm

By Scott Mckenzie
ZDNet Australia
23 February 2007

commentary - At what point does one achieve the status of cultural icon? 
Let's be honest: socialite Paris Hilton is an icon, Larry Ellison isn't 
-- although techies and geeks might disagree about the Oracle honcho.

A good benchmark of your "public status" is a guest appearance on the 
Simpsons. If you haven't appeared with Homer and Bart then you really 
are a public nobody.

Looking at a list of celebrities who have appeared as themselves or 
played other characters over 19 seasons reads like a who's who of the 
rich and famous. In no particular order U2, the Rolling Stones, the 
Ramones, David Duchovny, Gillian Anderson, Elizabeth Taylor, Danny 
DeVito, Dustin Hoffman, Tony Blair, Michael Jackson ... the list goes on 
and on.

A name you won't find on the Simpsons' Honour Roll, however, is our very 
own Prime Minister John Howard. Yet, this week Howard achieved a 
cultural status of sorts -- one which puts him at least on the same 
level as (the notorious) Miss Hilton.

All jokes about scandalous "home movies" and attending the opening of an 
envelope aside, this rise to the top of the cultural heap is one which 
Howard is not likely to be pleased with. And it's not because it puts 
him on par with Hilton.

Some readers may remember back in 2005 an e-mail which promised erotic 
photos of hotel heiress Hilton, doing the rounds of cyberspace. The 
e-mail was found to have contained two worms -- Sober-K and Ahker-C -- 
that destroyed security settings on PCs.

Over the last seven days Howard has been the subject of a similar e-mail 
that also contained a (potentially) nasty surprise.

As reported on ZDNet Australia, the e-mail was titled "John Howard, the 
current Prime Minister of Australia has survived a heart attack." The 
e-mail claims Howard suffered the heart attack while at his residence 
Kirribilli House and is fighting for his life in hospital.

The e-mail then provides a link purporting to be an online news report. 
Users that click the link, however, are directed to a standard "404 
error" page which downloads a trojan to their computer.

As a result hackers may have captured the login details of around 750 
Australian banking customers, according to security firm Websense. It 
went on to claim that up to 2,500 people around the world have been 
infected by the trojan, which monitors Internet activity, including 
logging key strokes.

The reality is miscreants know that the promise of porn -- such as the 
Paris Hilton virus -- or an e-mail that tugs at the heartstrings (PM 
suffering a heart attack, perhaps) mean that some computer users will 
throw all caution out the window and download attachments or click links 
to Web sites.

Having a strict security policy in place, even one that is policed, is 
no guarantee that a firm will not become infected with an e-mail virus. 
And hackers know that, they understand that it is human nature to be 
curious about celebrities or personalities.

Cybercrooks prey on our interest in popular culture and can profit from 
even the smallest percentage of users either taking the bait and 
clicking on a link to a Web site or despite the years of warnings 
downloading attachments.

-=-

Have you been tempted to download with a subject about a cultural icon? 
Does your company have a security policy? Has your firm ever been 
infected by an e-mail virus? How would you police human nature? E-mail 
me at scott.mckenzie (at) zdnet.com.au and give me your feedback.


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Fri Feb 23 2007 - 01:50:46 PST