Friday, January 22, 2010

Social Engineering Tactics Promote "Miracle" Berries

I received an unlikely Yahoo! IM from a long time friend with whom I have not been in contact with for quite a long time.

Af first I thought, wow this would be a good time to catch up.

She buzzed me and asked me if I was busy, then gave me a URL to try out very quickly and tell her what the results tell me.

Well, here's the screenshot:

The link was: hxxp://

At this time I was already suspicious about the whole thing. So I tried out the link in a controlled environment. There were a series of redirections and my browser was redirected to:


It seems that whoever I was talking to was not my friend (possibly a bot). She might have been a victim of a phishing scam, and her Yahoo! IM account was being used as part of this social engineering tactic in order execute the Acai Berry spam which has been bugging people for ages.

This one was a bit harmless as the whole exercise was just another form of spam. But as always, I would like to remind everyone to be careful of clicking links, even if they come from people you know.