I've just bumped into some social engineering on a massive scale - spam that hit a huge number of message boards at once.
It’s pretty elementary in some ways - a post which says
Andre call me ,please ! Or my ICQ – 256***** .Sorry for offtop o:( .
Of course, the message won’t have a long life span - spam like this gets deleted pretty quickly from well moderated boards. This means, of course, that spammers have to continually think up new ways to grab a user’s interest.
Anyone who’s curious, or foolish enough, to try contacting the icq number could end up receiving anything, ranging from unsolicited advertizing to a link to a brand new worm. Yesterday’s spam is a clear attempt to move away from a banal offer towards dialogue with the user. After all, an ICQ number could easily have a bot at the other end - a bot which might even manage to persuade the user that it’s a human being. And if a user thinks there’s a human being on the other side of the screen, s/he’s all the more likely to open any links sent...including those that lead to new malware.