Skip to content

Spare a (dark) thought for the hackers doing it hard, too

Hacker Codeing

There’s a bit of a global cost of living crisis going on and everyone’s feeling the pinch. Even the hackers.

Desperate times, they say, call for desperate measures and we’ve seen evidence of that as hackers step up their efforts with sometimes quite ingenious methods. What hasn’t changed is that they’re after the same thing; your hard-earned cash, which they want to turn into their filthy lucre. What the straitened circumstances mean for all of us on the right side of the law is quite simple: hypervigilance is essential. Both in your personal and professional life.

While we’re generally inclined to think of hackers as being a bit like the cool and mysterious denizens of Mr. Robot, the reality is a lot more Glengarry Glen Ross. While Mr. Robot is a lot fresher in the memory and tracks the machinations of Christian Slater in the eponymous role and Rami Malek as cybersecurity engineer Elliot Alderson, Glengarry Glen Ross is a far older film. Made in the 1990s, it’s a view into the misery of washed-up middle-aged salespeople pushing unappealing real estate using various dubious telesales methods.

The adaptation of David Mamet’s play of the same name sees those salespeople resorting to increasingly dodgy tactics as desperation takes hold. Their jobs are on the line. They’ll do anything to close a deal. And if they don’t close, they’re fired.

Depressing? You bet. But this is a lot more like the hacker of today than the hip, cool, Rami Malek and Christian Slater characters. Desperation.

Desperation means we are seeing increasingly clever and convincing attacks, ranging from the complex and sophisticated, to the endless array of ‘shotgun’ email bait and switch tactics. Organised hacker groups running Glengarry Glen Ross-style boiler rooms in India, Russia, various parts of Eastern Europe and West Africa, and in fact from anywhere, have ‘employees’ on the ropes, with daily quotas that must be filled. That desk and computer didn’t come free, after all, and there are mouths to feed.

Among the recent scams which have raised an eyebrow is the ‘Urgent Upload Notification’. Purportedly an email from, ah, an insalubrious video sharing website, these emails play on common fears and taboos, tapping into the concept of ‘revenge porn’ and societal distaste for ‘that sort of thing’. Shocked that you’ve apparently had an intimate recording made public (bait), you click on the link to remove it (switch).

Insalubrious and salacious it might be, but that hasn’t prevented Forbes from covering the scam with a provocative, but spot on, headline: Got A ‘Sex Video Uploaded’ YouPorn Email? Do These 3 Things Now.

Just like the ‘I’ve recorded you doing something intimate while accessing adult websites’ email scams, there’s an element of shock, awe, and plausibility to the whole affair. It brings back memories of the astonishingly successful ‘love bug’ worm which hit in the year 2000: send people an attachment titled ‘ILOVEYOU’ and it turns out nearly everyone’s curiosity gets the better of them.

As always, any unsolicited email should be viewed with caution. Particularly when it carries that shock and awe factor.

Other scams we’ve seen in New Zealand include incredibly slick, incredibly convincing investment scams like the ‘Citibank bond scheme’ or that perennial hacker’s favourite, cryptocurrency scams using social media or dating apps as the entry point. These scams take a good deal of organisation and effort from the bad actors, and have conned people out of hundreds of thousands of dollars.

While these don’t generally have the randomness associated with the email propagated scams, what they do have is the use of a combination of online tools with social engineering. Even with caution as the watchword, avoiding these scams isn’t easy – the victims who have gone public are sophisticated, intelligent and aware individuals who fell for it all the same.

So, while we’re all experiencing the cost-of-living crisis in terms of rising food prices, escalating mortgage rates and so on, let’s spare a thought for the hackers. Not a good thought, mind you, but one which keeps your eyes open and alert levels on high.


Related Posts

Something interesting caught my eye, and it is the intersection between misinformation, disinformation, and cyber security and the World Economic Forum’s perceived level of the threat we all face.
Have you ever seen a video of your favorite celebrity saying something outrageous? Then later, you find out it was completely fabricated?
Specialist national Managed Security Services provider, Advantage, has deepened its relationship with Mastercard’s RiskRecon cyber risk management platform by becoming New Zealand’s first official reseller.