Parking tickets actually malware attacks in disguise

Thu Feb 5, 2009 12:02PM EST

See Comments (75)

The last place anyone would expect to face a computer security attack is on the windshield of their car in the form of a parking ticket.

But that's the latest -- and intensely clever -- way that hackers are attempting to goad people into visiting infected websites and willingly install malware on their machines.

The scam is instantly clever once you hear how it works: Hackers print up phony "PARKING VIOLATION" notices and plaster them on cars parked on the street. The phony ticket directs the car's owner to visit a certain website, and of course the website in question (which largely seems to comprise of photos of badly parked cars) is a hack site which attempts to install malware on your PC.

Essentially what we have here is a phishing attack that takes place in the real world instead of via email. The use of fliers on parked cars is what's truly ingenious: A similar attack sent via postal mail would probably have minimal effect, but people are incredibly protective of their cars, and I imagine these windshield fliers will actually have a pretty good percentage of people typing in the URLs typed on them.

The good news -- for now -- is that the fliers are extremely crude, printed on yellow paper and offering nothing in the way of legal language that would compel a sophisticated and naturally skeptical reader to even visit the website in question. Like the earliest email phishing attacks, this attack may be simplistic, but it's probably a precursor of more advanced attacks to come. When hackers scan in real parking tickets and reprint them, replacing the URL printed there with one for a sophisticated attack site, then the sparks are going to start flying. (Installing malware is boring by comparison... I expect the real attacks will involve collecting money and hijacking credit cards and bank accounts wholesale.)

This appears to be a very limited attack (reported only in Grand Forks, North Dakota) for the time being, but it's a good idea to keep your skepticism handy next time you receive a parking "violation," just in case.

Comments on Parking tickets actually malware attacks in disguise

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 6 Posted by invisusservice on Thu Sep 3, 2009 4:24PM EDT Report Abuse

    Very unique way of hacking, however very risky as the person that left the ticket is exposed to cameras at malls and places where people park. Trying to put it on one car on a dead end street goes against traditional spamming techniques where hackers send out hundreds of thousands of emails just to get one person that is not paying attention. This makes having protection against malware and other spyware and viruses on your computer a must as well as a real-time identity monitoring service, in case these people are asleep at the switch...or download.

  • 7 Posted by lordantman101 on Thu Sep 3, 2009 6:56PM EDT Report Abuse

    Seriously who would bother, they have no proof you ever received it so why would you pay it even if you were illegally parked. Thats why they have you sign tickets in the 1st place.

  • 8 Posted by altizar on Thu Sep 3, 2009 2:51PM EDT Report Abuse

    This won't be common place. E-mail attacks cost the hacker Zero, zip zilch. This costs them Paper, and Toner to print them out. They'll be spending upwards of 1000$ of dollars to get even 100,000 flyers printed.

  • 9 Posted by plfs2000 on Thu Sep 3, 2009 8:14PM EDT Report Abuse

    Now if they were REALLY smart, they would have a website that accepted payment for the faux tickets!

  • 10 Posted by charmed2knowyou on Thu Sep 3, 2009 3:22PM EDT Report Abuse

    Now that you have promoted this scam on the internet, it's sure to take off! Your article is more effective than a virus. Congrats.

  • 11 Posted by mary19932001 on Thu Sep 3, 2009 7:10PM EDT Report Abuse

    I wouldn't call this "ingenious". I'd call it mean, malicious, and incredibly selfish - not to mention just plain rotten.

  • 12 Posted by margephelps on Thu Sep 3, 2009 7:06PM EDT Report Abuse

    Interesting and timely. To be forewarned is to be forearmed!

  • 13 Posted by timagineer on Thu Sep 3, 2009 10:10PM EDT Report Abuse

    Hackers should get the precise same penalties as BURGLARS.

  • 14 Posted by krisborn on Thu Sep 3, 2009 4:53PM EDT Report Abuse

    Here's another wrinkle on it. You get an email with the subject heading "Fine" or "Parking Fine". In AZ, where I live with the danged automated speed traps, you'd open it thinking it is an automated notice of a speeding ticket. Shame on you.. you've just gotten phished.. trojaned and hosed..

  • 15 Posted by mugupo on Thu Sep 3, 2009 7:30PM EDT Report Abuse

    That is a low for hacker lol. Put that parking pass in person? There are chance the person who is not savy enought to even know how to use computer. All in all this indicate economy also affect the hacker lol.

  • 16 Posted by reeslester on Thu Feb 5, 2009 4:23PM EST Report Abuse

    North Dakota also gave us Lawrence Welk! ☺ If people would just dump Microsoft Windows & Internet Explorer, such things wouldn't happen so easily.

  • 17 Posted by rayrichard1944 on Thu Sep 3, 2009 8:31PM EDT Report Abuse

    find these people and give them 20 minutes in the electric chair....

  • 18 Posted by markwt on Thu Sep 3, 2009 7:08PM EDT Report Abuse

    Having received my share of parking tickets, I know cities send out coutesy notices if you don't pay in a couple weeks. The safe thin to do would be to wait for these. M

  • 19 Posted by bingbadaboom on Thu Sep 3, 2009 3:08PM EDT Report Abuse

    I wish they would catch some of these hackers and hang them in public. What a bunch of jerks.

  • 20 Posted by mikesickora on Thu Sep 3, 2009 7:20PM EDT Report Abuse

    When will America stop tolerating this nonsense? Public stoning would put a stop to this idiocy, quickly. We're not far off from hard working citizens becoming vigilantes and maiming these punks ourselves. I would have NO problem sentencing even a graffiti artist to death by stoning. Wake up America. Start teaching even petty criminals a painful lesson.

  • 21 Posted by dabrams03 on Thu Sep 3, 2009 3:33PM EDT Report Abuse

    You would think someone would check the video camera in the streets to catch people putting these fliers out

  • 22 Posted by slickenterprise on Thu Sep 3, 2009 9:27PM EDT Report Abuse

    usa have many evil people living here. think of any kind of way to screw people

  • 23 Posted by herb.sharum on Thu Sep 3, 2009 4:18PM EDT Report Abuse

    hopefully there video cams showing who are putting flyers on cars so those people can be arrested. Police dept. should be aware and hopefully the tv and print media is warning the public. The hackers and those placing the flyers should be arrested for tampering with a govt. document.

  • 24 Posted by cardenasjj23 on Thu Sep 3, 2009 3:18PM EDT Report Abuse

    Well look on the brightside i get paid next friday...

  • 25 Posted by kitty4761 on Thu Sep 3, 2009 4:52PM EDT Report Abuse

    Wouldn't this technically be a felony? Because last I knew, impersonating an officer of the law was a felony, and anyone handing out traffic citations would be impersonating an officer.

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.