{"id":798,"date":"2013-11-21T17:31:15","date_gmt":"2013-11-21T16:31:15","guid":{"rendered":"http:\/\/www.satinfo.es\/noticies\/?p=798"},"modified":"2013-11-21T17:33:08","modified_gmt":"2013-11-21T16:33:08","slug":"nueva-tecnica-de-ingenieria-social-mail-malicioso-que-ofrece-enlace-acortado-pidiendo-entrar-contrasenas","status":"publish","type":"post","link":"https:\/\/www.satinfo.es\/noticies\/2013\/nueva-tecnica-de-ingenieria-social-mail-malicioso-que-ofrece-enlace-acortado-pidiendo-entrar-contrasenas\/","title":{"rendered":"Nueva t\u00e9cnica de ingenier\u00eda social: MAIL MALICIOSO QUE OFRECE ENLACE ACORTADO, PIDIENDO ENTRAR CONTRASE\u00d1AS\u2026"},"content":{"rendered":"

Acabamos de recibir mail malicioso que ofrece link que resulta estar acortado, y el usuario no ve el destino del mismo.<\/span><\/p>\n

Muestra del mail<\/b><\/span><\/span><\/span><\/p>\n

From: <remitente><\/i><\/span><\/span><\/span><\/p>\n

To: undisclosed-recipients:
\nSent: Monday, November 18, 2013 1:40 AM
\nSubject: Please kindly review the uploaded document<\/i><\/span><\/span><\/span><\/p>\n

Hello,<\/span><\/p>\n

I uploaded an important file for you to review on google secure drive,as i do not have a PDF converter<\/i><\/span><\/span><\/span><\/p>\n

Click Here<\/b><\/span> \u00a0<\/b><\/i><\/span><\/span><\/span><\/strong><\/strong>for immediate access<\/i><\/span><\/span><\/span><\/p>\n

Regards<\/i><\/span><\/span><\/span><\/p>\n

Fin de la muestra del mail<\/b><\/span><\/span><\/span><\/p>\n

el enlace del mail lleva a http:\/\/bit.ly\/\u2026\u2026.. que es un enlace reducido de la empresa bitly (http:\/\/es.wikipedia.org\/wiki\/Bitly) , cuando realmente el enlace original lleva a una p\u00e1gina maliciosa de Caracas:<\/span><\/span><\/span><\/p>\n

http:\/\/fundacionxxxxxxxx.org\/googledrive\/ desde IP 82.98.XXX.XXX, que resulta estar dentro del rango de un ISP de Venezuela:<\/span><\/span><\/span><\/p>\n

inetnum: 82.98.147.0 \u2013 82.98.147.255
\nnetname: RANGO-CH
\ndescr: Rango IPv4 Caracas Hosting
\norg: ORG-CH11-RIPE
\ncountry: VE
\nadmin-c: JFD2-RIPE
\ntech-c: JFD2-RIPE
\nstatus: ASSIGNED PA
\nmnt-by: EXT-MNT
\nsource: RIPE # Filtered<\/span><\/span><\/span><\/p>\n

Efectivamente piden logarse para acceder a visionar el documento, con lo que capturan la clave que se le indica y con ello pueden enviar mails en su nombre\u2026, como ha sido el caso de este mail, que proviene de una entidad responsable\u2026<\/span><\/span><\/span><\/p>\n

La pantalla de ingenier\u00eda social utilizada es la siguiente:
\n<\/span><\/span><\/span><\/p>\n

\"ingenieria_social\"<\/a><\/p>\n


\nMucho cuidado con ello y desde ahora vigilar especialmente los enlaces acortados, en cualquier caso, NUNCA ofrecer datos personales o contrase\u00f1as.<\/span><\/span><\/span><\/p>\n

Evidentemente, si se han visto afectados, procede cambiar urgentemente la contrase\u00f1a para evitar que sigan aprovech\u00e1ndola los hackers en cuesti\u00f3n.<\/span><\/span><\/span><\/p>\n

SATINFO<\/b><\/span><\/span>, <\/b><\/span>SERVICIO DE ASISTENCIA T\u00c9CNICA INFORMATICA\u00a0<\/b><\/span>21\u00a0<\/b><\/span>de <\/b><\/span>Noviembre\u00a0<\/b><\/span>de 201<\/b><\/span>3<\/b><\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Acabamos de recibir mail malicioso que ofrece link que resulta estar acortado, y el usuario no ve el destino del mismo. Muestra del mail From: <remitente> To: undisclosed-recipients: Sent: Monday, November 18, 2013 1:40 AM Subject: Please kindly review the uploaded document Hello, I uploaded an important file for you to review on google secure […]<\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[320,891,892],"tags":[486,485],"class_list":["post-798","post","type-post","status-publish","format-standard","hentry","category-320","category-otros","category-todos","tag-ingenieria-social","tag-please-kindly-review-the-uploaded-document","category-320-id","category-891-id","category-892-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts\/798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/comments?post=798"}],"version-history":[{"count":0,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts\/798\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/media?parent=798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/categories?post=798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/tags?post=798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}