Socially Engineered Spam


I often seem to write about spam here, but then again, I do seem to get some goodies...

I recently got a spam from someone asking about a particular Flickr photo of mine, which linked off to a Flickr-like page and then tried to infect me with a virus via a Java applet. Thankfully my antivirus kicked in and I wasn't infected.

But that got me thinking... Did someone's code scrape my homepage to see that I use Flickr? The amount of tools to pull your Flickr images through to your own page is huge, so it's a large market. I suppose it's a form of social engineering - people put many of their photos on sites like Flickr, and everyone wants their picture to be a favourite. Getting an email from someone asking about a particular picture, especially a detail of a particular picture had me fooled for a second, and may well fool others. I wonder how many people will get infected?

I'd be interested to hear from anyone else who got a similar email, especially if they mention Flickr on their homepage. Is this a new phenomenon?