Chapter 7. Phony Sites and Dangerous Attachments

there's an old saying that you never get something for nothing. Still, the ploy of offering something for free continues to be a big draw for both legitimate ("But wait—there's more! Call right now and we'll throw in a set of knives and a popcorn popper!") and not-so-legitimate ("Buy one acre of swampland in Florida and get a second acre free!") businesses.

And most of us are so eager to get something free that we may be distracted from thinking clearly about the offer or the promise being made. We know the familiar warning, "buyer beware," but it's time to heed another warning: Beware of come-on email attachments and free software. The savvy attacker will use nearly any means to break into the corporate network, including appealing to our natural desire to get a free gift. Here are a few examples.

"WOULDN'T YOU LIKE A FREE (BLANK)?"

Just as viruses have been a curse to mankind and medical practitioners since the beginning of time, so the aptly named computer virus represents a similar curse to users of technology. The computer viruses that get most of the attention and end up in the spotlight, not coincidentally, do the most damage. These are the product of computer vandals.

Computer nerds turned malicious, computer vandals strive to show off how clever they are. Sometimes their acts are like a rite of initiation, meant to impress older and more experienced hackers. These people are motivated to create a worm or virus intended to inflict ...

Get The Art of Deception: Controlling the Human Element of Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.