Yesterday we discovered the moniker of the new Prince of Cambridge, George Alexander Louis. But whilst the new Prince George was making his way into this world, others were using him as bait…
Ever the opportunists, cyber criminals tapped into the desires of thousands to catch a glimpse of the new royal baby. Cyber criminals sent millions of phishing emails to subscribers of the Scribble live blogging site, with the Zeus Trojan ready to infect anyone willing to click on the links within the email. The Zeus Trojan is designed to steal bank details.
Claiming to be from Scribble, the email was entitled ‘The Royal Baby: Live updates’ and contained a link called ‘Watch The Hospital Cam’. Hmm. As a cynical individual – and probably more importantly, one who works in the IT security industry – this would have had my metaphorical alarm bells a-ringing.
Would the Royals really set up a webcam so the world could fawn over their newborn? Or were people actually expecting a camera in the delivery room so we could all help by shouting ‘push’ from the comfort of our front rooms? Even for Royals, a new child should be a private thing – that said, until 1926 it was standard procedure for the Home Secretary to attend the birth of any new royal!
What these cyber criminals had done was tap into the emotional nature of humans, what we might call social engineering. Many people were so desperate to be a part of the event that they would not have thought twice about clicking this link. Cyber criminals more than most understand that human behaviour is often the weakest link when it comes to cyber security.
Many think that cyber security is all about the technology. Not so. People are often the first and last lines of defence when it comes to cyber security.
As for the new Prince, I’m no royalist, but I wish the little fella well.