Parking tickets actually malware attacks in disguise

Thu Feb 5, 2009 12:02PM EST

See Comments (75)

The last place anyone would expect to face a computer security attack is on the windshield of their car in the form of a parking ticket.

But that's the latest -- and intensely clever -- way that hackers are attempting to goad people into visiting infected websites and willingly install malware on their machines.

The scam is instantly clever once you hear how it works: Hackers print up phony "PARKING VIOLATION" notices and plaster them on cars parked on the street. The phony ticket directs the car's owner to visit a certain website, and of course the website in question (which largely seems to comprise of photos of badly parked cars) is a hack site which attempts to install malware on your PC.

Essentially what we have here is a phishing attack that takes place in the real world instead of via email. The use of fliers on parked cars is what's truly ingenious: A similar attack sent via postal mail would probably have minimal effect, but people are incredibly protective of their cars, and I imagine these windshield fliers will actually have a pretty good percentage of people typing in the URLs typed on them.

The good news -- for now -- is that the fliers are extremely crude, printed on yellow paper and offering nothing in the way of legal language that would compel a sophisticated and naturally skeptical reader to even visit the website in question. Like the earliest email phishing attacks, this attack may be simplistic, but it's probably a precursor of more advanced attacks to come. When hackers scan in real parking tickets and reprint them, replacing the URL printed there with one for a sophisticated attack site, then the sparks are going to start flying. (Installing malware is boring by comparison... I expect the real attacks will involve collecting money and hijacking credit cards and bank accounts wholesale.)

This appears to be a very limited attack (reported only in Grand Forks, North Dakota) for the time being, but it's a good idea to keep your skepticism handy next time you receive a parking "violation," just in case.

Comments on Parking tickets actually malware attacks in disguise

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 1 Posted by rogueist on Thu Sep 3, 2009 8:49PM EDT Report Abuse

    Wow, that is one incredibly well thought up scam!

  • 2 Posted by dubyac99 on Thu Sep 3, 2009 3:49PM EDT Report Abuse

    Very interesting. I think I would not be fooled, but maybe I'm just being arrogant.

  • 3 Posted by alexgannis on Thu Sep 3, 2009 2:50PM EDT Report Abuse

    Most people would rather to pay a ticket online what a way to fool people of thinking you got a parking ticket when actually it a scam.

  • 4 Posted by j_harbo on Thu Sep 3, 2009 4:45PM EDT Report Abuse

    This is happening at my college. The hackers are going around putting these tickets on cars that are parked in the college lots. University of North Dakota baby...good school, but very dangerous. lol

  • 6 Posted by invisusservice on Thu Sep 3, 2009 4:24PM EDT Report Abuse

    Very unique way of hacking, however very risky as the person that left the ticket is exposed to cameras at malls and places where people park. Trying to put it on one car on a dead end street goes against traditional spamming techniques where hackers send out hundreds of thousands of emails just to get one person that is not paying attention. This makes having protection against malware and other spyware and viruses on your computer a must as well as a real-time identity monitoring service, in case these people are asleep at the switch...or download.

  • 7 Posted by lordantman101 on Thu Sep 3, 2009 6:56PM EDT Report Abuse

    Seriously who would bother, they have no proof you ever received it so why would you pay it even if you were illegally parked. Thats why they have you sign tickets in the 1st place.

  • 8 Posted by altizar on Thu Sep 3, 2009 2:51PM EDT Report Abuse

    This won't be common place. E-mail attacks cost the hacker Zero, zip zilch. This costs them Paper, and Toner to print them out. They'll be spending upwards of 1000$ of dollars to get even 100,000 flyers printed.

  • 9 Posted by plfs2000 on Thu Sep 3, 2009 8:14PM EDT Report Abuse

    Now if they were REALLY smart, they would have a website that accepted payment for the faux tickets!

  • 10 Posted by charmed2knowyou on Thu Sep 3, 2009 3:22PM EDT Report Abuse

    Now that you have promoted this scam on the internet, it's sure to take off! Your article is more effective than a virus. Congrats.

More Posts: First Prev 1 2 3 4 5 Next Last

Post a Comment

Sign In to Post a Comment