Social Engineering

[RobertJasiek]

In the late 1990s, I was victim of attempted social engineering once. Somebody tried to collect my biography and its personal data by pretending to include me in a dictionary of the top 1,000 most influential persons in the internet. Nowadays, an attacker would simply buy such data of dozens of millions of people.

Afterwards, no attempt of social engineering was made for some two decades. Hackers would simply send email attachments with malware or links to no avail because I read emails in plain text and do not open attachments automatically.

Recently I have become victim of repeatedly attempted, targeted social engineering. The basic hacking scheme has remained the same: email attachments with malware or links. The hacker has, however, added either attempted encryption and alleged blackmailing threats or social engineering as an additional layer. He impersonates another go player and me, cites texts of go discussion and tries to provoke my reply. His email addresses, accuracy of spelling and effort towards contents change every time. After his major attempts have failed, he is falling back to more time-efficient attempts of copy&paste and basic email malware attachments.

Another or the same recent hacker pretended to be a Maltese CEO's secretary preparing his taking of go lessons. The means of communication were supposed to be proprietary video streaming clients, that is, malware.

Just because the surface is go contents do not fall into the traps of hackers! Always be careful! Computers have become more secure so hackers try more specific attacks. Do not feed jet set life or dubios states!

[Javaness2]

That sounds quite unusual. Such a persistent but totally inept attempt. Do you have some examples of the texts they essay?

[RobertJasiek]

I have made <edits> to protect you, people and a go organisation.

Example

From: <impersonated go player's email address 1>

To: <me>

Date: 2023-11-07 13:40

Subject: Re: [gotalk] IGF Anti-Doping reguu

Good day,
Just hoping to ensure if you've seen the file I sent yesterday.
> The logic of this position, Robert, requires you also to be against the
> Olympic anti-doping provisions for physical sports also. Is this, in fact your
> position? If so, I think most people would disagree with you.Freedom is not
> absolute. Sometimes, if you want to participate in some group activity, you
> must voluntarily give up some elements of individual freedom.Best wishes,
<same impersonated go player's signature>
<same impersonated go player's detailed address data>
Original Message ----- From: <me>
> To: Sent: Friday, July 24, 2009 11:23 AMSubject: Re: [gotalk] IGF
> Anti-Doping regulations> More important than characteristica of drugs, amounts
> of money or > eligibility to participate in olympic / top international
> tournaments are > human and basic rights. They are impartial. They are
> impartial even though > world-wide only a few players might be affected and
> yet fewer European > amateurs. I have discussed the topic in forums and
> elsewhere, see e.g. > godiscussions.com. IGF officials fight hard against WADA
> to achieve > compromises but those are not good enough. It is still necessary
> for the > players in the Registered Testing Pool to specify whereabouts by
> stating > their place of residence for a specific hour per day in advance. If
> I > should be one of the players, I would not violate my own human and basic >
> rights but instead cite them from the various constitution and law >
> documents. I am free but if you say so to the responsible IGF officer > Thomas
> Hsiang he replies "What is freedom?". It is ultimately clear what > freedom is
> with respect to one's rights of movement, residence, data > protection etc.:
> To move and reside freely without being bound by any > advance specifications
> of whereabouts! One does not need to fight that > through all instances of the
> courts - common sense tells us what freedom > is and why our ancestors have
> fought for it for many centuries!>> Freedom is also not something that can be
> sold in exchange for something > else like the right to participate in an
> event. Yet you hear this argument > regularly from Go politicians in favour of
> anti-doping measures.>> -- > robert jasiek>
> _______________________________________________> gotalk mailing list> >
> <URL>
> _______________________________________________gotalk mailing
> <URL>

1 attachment: VELv.rev

Example

From: <same impersonated go player's email address 2>

To: <me>

Date: 2023-11-07 11:22

Subject: Re: [gotalk] IGF Anti-Doping

Were you obtain the file I forwarded to you last day?
File password: *KI*

<citation as before>

1 attachment: AUT9.zip

Example

From: <same impersonated go player's email address 3>

To: <me>

Date: 2023-11-02 11:28

Subject: Re: [gotalk] IGF Anti-Doping reegul

Just aiming to ascertain if you've looked at the paperwork I dispatched last day.
<some suspicios URL>
The logic of this position, Robert, requires you also to be against the Olympic
anti-doping provisions for physical sports also. Is this, in fact your position?
If so, I think most people would disagree with you.Freedom is not absolute.
Sometimes, if you want to participate in some group activity, you must
voluntarily give up some elements of individual freedom.Best wishes,
<same impersonated go player's signature>
<same impersonated go player's detailed address data>
<citation as before>

Example

From: <same impersonated go player's email address 4>

To: <me>

Date: 2023-10-30 13:17

Subject: Re: [gotallk] IGF Annti-Doping

Fill information concerning the latest agreement is located in the file attached.
The logic of this position, Robert, requires you also to be against the Olympic
anti-doping provisions for physical sports also. Is this, in fact your position?
If so, I think most people would disagree with you.Freedom is not absolute.
Sometimes, if you want to participate in some group activity, you must
voluntarily give up some elements of individual freedom.Best wishes,
<same impersonated go player's signature>
<same impersonated go player's detailed address data>
<citation as before>

1 attachment: Quisyy.zip

Before, the hacker(s) tried much more severe attempts involving encryption threats, alleged blackmailing threats, alleged teaching and alleged bulk book orders.