Drivers in a US city were duped into downloading malware onto their computer by fake parking tickets.
Criminally minded 'hackers' have managed to con residents of Grand Forks, North Dakota, into infecting their own computers with malware - using a fake parking ticket scam.
This attack is believed to be the first 'real world' scam successfully orchestrated by hackers, although experts predict that it is unlikely to be the last.
The scam's bait came in the form of yellow parking tickets placed on the windscreen of numerous vehicles parked in the city's car parks.
The tickets informed drivers that their vehicle was "in violation of standard parking regulations" and instructed them to visit a website in order to "view pictures with information about your parking preferences".
The scammers had the foresight to set up a hugely convincing website featuring images of cars parked in recognisable locations around the city, so the drivers had no qualms about believing it was genuine.
On visiting the site, the drivers were instructed to download and install a tool bar to search for images of their own vehicle. However, far from being legitimate functionality, the 'Vundo Trojan' was released onto their computer once they had done this. The Trojan then proceeded to download numerous other malicious applications, including a fake anti-virus scanner.
It is not yet clear how many individuals fell prey of the scam, or the extent of the damage called by this 'real world breach'.
"Attackers continue to come up with creative ways of tricking potential victims into installing malicious software." said Lenny Zeltser, an anti-virus analyst writing on the SANS Institute blog.
"Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often."
