Last Modified:                                                                                                

Homepage / Publications & Opinion /

Scam repeats
There's nothing new under the sun...
Written at The IoD London after having found an apparently blank CD at a coffee shop on the way in. Despatched to via a free hotel wi-fi service available in a coffee shop next door.

Way back when people still used floppy disks, I recall a novel scam for infiltrating machines and networks. Those on the 'dark side of the force' would leave a floppy disk in a coffee shop, hotel lounge or office. Some unsuspecting victim would pick up the disk and of course take a look at what it contained.

The disk would either appear to be empty or it would contain a lot of files. What it really contained was a Trojan horse, virus or some other malicious code that would attach itself to the victim's files and/or infiltrate the hard drive directly. Bingo! The ruse was complete. With software implanted the dark side was now in control. It really was that easy!

In another variant, the person carrying out the scheme would hand the victim a floppy and ask them for a copy of a file following a presentation or discussion. Of course, once inserted inside a clean machine the infection the disk contained was passed on and distributed over any networks the system was connected to.

Virus-checking software countered some of this but the scam never went away because it was never totally neutralised as a potential threat.

So guess what? There is very little new under the sun! This scam is back with a vengeance via CDs, DVDs, memory sticks and of course MP3 Players. In fact, just about anything you can plug into a laptop and PC has been used to spread malicious code including mobile phones and cameras. They are all a potential treat.

The only defence remains a blanket refusal to connect or a complete security scan of any device or storage media to be connected. A simple measure is to look at the memory capacity of the device and the number of MBs used, plus the projected time to scan. I just refuse anything really big!

But I have an additional advantage - a non-standard OS, which reduces my risk substantially but still doesn't mean I am immune.

My advice: keep your shields up and take no risks - not even with friends!