December 10th, 2013

Mysterious email, possible social engineering, whatever it was, it didn't work

A colleague of mine got a strange piece of email. It went something like this, although I’ve substituted a fictitious nation and fictitious company name to protect the guilty(?).

Subject: St. George’s Island Embassy Trade Mission: Meeting request on behalf of Contoso Corporation

Dear ⟨name⟩,

I am contacting you following the advice of ⟨senior executive⟩, CTO of Microsoft Pangaea.

The St. George’s Island Embassy Trade Mission is currently assisting a local company, Contoso. Contoso would like to present ⟨technology⟩ to Microsoft. Details are in the attached document.

Would you accept a conference call with the CEO of Contoso, at a time at your convenience?

Looking forward to a fruitful collaboration,

Sir Humphrey Appleby,
Director, St. George’s Island Embassy Trade Mission

My colleague has no connection with St. George’s Island, nor had he ever met the named senior executive (or anybody else from the Pangaea division), and he asked, “Is anybody else getting messages like this?” I suggested that they might be trying some social engineering: “Send an email to an employee saying that a senior executive told us to contact them. They will do whatever we ask because they think we are operating under the instructions of the CTO.”

This sounded plausible, so my colleague contacted said senior executive, who replied, “I had invited Contoso to participate at a large event we held on St. George’s Island last year, but just as you don’t know me, I don’t know you either. This is definitely suspicious. Thanks for taking the time to send me this warning.”

Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.

0 comments

Discussion are closed.