Here's a new angle on getting people to unknowingly and willingly visit a site which installs malware on their machines. According to Christopher Null at Yahoo Tech, hackers put counterfeit "parking tickets" on the windshields of illegally parked cars. The counterfeit tickets instruct the car's owner to go to a website and pay the fine. Yes, you guessed it...the website installs malicious code. Here's his story:
Parking tickets actually malware attacks in disguise : Christopher Null : Yahoo! Tech
Parking tickets actually malware attacks in disguise : Christopher Null : Yahoo! Tech
The last place anyone would expect to face a computer security attack is on the windshield of their car in the form of a parking ticket.
But that's the latest -- and intensely clever -- way that hackers are attempting to goad people into visiting infected websites and willingly install malware on their machines.
The scam is instantly clever once you hear how it works: Hackers print up phony "PARKING VIOLATION" notices and plaster them on cars parked on the street. The phony ticket directs the car's owner to visit a certain website, and of course the website in question (which largely seems to comprise of photos of badly parked cars) is a hack site which attempts to install malware on your PC.
Essentially what we have here is a phishing attack that takes place in the real world instead of via email. The use of fliers on parked cars is what's truly ingenious: A similar attack sent via postal mail would probably have minimal effect, but people are incredibly protective of their cars, and I imagine these windshield fliers will actually have a pretty good percentage of people typing in the URLs typed on them.