Public Conned by Fake Parking Tickets in First Real World 'Hacker' Scam

by Charlotte Cardingham
Posted by Hannah on 5 February 2009

Drivers in a US city were duped into downloading malware onto their computer by fake parking tickets.

Criminally minded 'hackers' have managed to con residents of Grand Forks, North Dakota, into infecting their own computers with malware - using a fake parking ticket scam.

This attack is believed to be the first 'real world' scam successfully orchestrated by hackers, although experts predict that it is unlikely to be the last.

The scam's bait came in the form of yellow parking tickets placed on the windscreen of numerous vehicles parked in the city's car parks.

The tickets informed drivers that their vehicle was "in violation of standard parking regulations" and instructed them to visit a website in order to "view pictures with information about your parking preferences".

The scammers had the foresight to set up a hugely convincing website featuring images of cars parked in recognisable locations around the city, so the drivers had no qualms about believing it was genuine. 

On visiting the site, the drivers were instructed to download and install a tool bar to search for images of their own vehicle. However, far from being legitimate functionality, the 'Vundo Trojan' was released onto their computer once they had done this.  The Trojan then proceeded to download numerous other malicious applications, including a fake anti-virus scanner.

It is not yet clear how many individuals fell prey of the scam, or the extent of the damage called by this 'real world breach'.

"Attackers continue to come up with creative ways of tricking potential victims into installing malicious software." said Lenny Zeltser, an anti-virus analyst writing on the SANS Institute blog.

"Merging physical and virtual worlds via objects that point to websites is one way to do this. I imagine we'll be seeing such approaches more often."

Source

Get our free money saving newsletter
Join over 450,000 other subscribers who grab our expert money tips, unmissable money guides & hottest bargains each week in our special email...
 
3

Your Comments

MII
on 6 Jul 2009 17:48
social engineering at its finest. if you expect to survive on the net then you must have some fairly basic survival skills, eg, dont download random crap!! "On visiting the site, the drivers were instructed to download and install a tool bar to search for images of their own vehicle." this doesnt seem suspicious to anyone else? download a toolbar to search a website, thats a red flag to anyone who has spent any time on the net. a little bit of awareness goes a long way...
 
gfdh
on 11 Feb 2009 20:04
what can i say...owned
 
Thai
on 11 Feb 2009 19:24
So who profits from this in the end? The company that is selling the "anti-virus" software that is injected into the computer. Go after them no?