EH-Net

http://i.gizmodo.com/5148817/hackers-using-fake-parking-tickets-to-infect-computers

So this is a few days old, but i missed it. I thought it was quite interesting and reminded me of a study, i think done in London where they gave out CDs on the street during lunch hours to see who ran them when they got back to work and the software on the CD reported back the IP address of the machine that ran in.

Any other interesting ways you've seen that people have convinced people to run malicious software? I guess it takes a whole load of extra effort but you could really target individuals.



EDIT: Free CD giveaway info http://www.infoworld.com/article/06/03/13/76382_HNfreecdbreach_1.html

EDIT2: Looks i need to use the search function duplicating a thread from a week ago! oops! lock or whatever if you like

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,3447.0/

I remember reading (I think in one of kevin Mitnik's books) about a pen test done where they left a bunch of USB drives infected with custom malware arround the entrance to the building of the company that they were testing.  inevitably people picked them up and shoved them in their work computers.

I would absolutely love it if everyone in the world knew how to use virtualisation software or liveCD's and learned safe practices dealing with things like this.  heck - even my mum 15 years ago was paranoid about sticking any old floppy disk in the computer.  why, in this post-web world, people havn't got this drilled into their heads by their IT department or computer-nerd friends I'll never know.

</rant>

Fathercat beat you to it  :P

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,3447.0/