Phony LinkedIn invitation from 'Bill Gates' lands in smartphone inboxes

Oct 28, 2009 | 04:59 PM
By Kelly Jackson Higgins


Three of the most popular smartphones -- iPhone, BlackBerry, and Palm Pre -- fell victim to a recent spear-phishing experiment that sent users a phony LinkedIn invitation from "Bill Gates," according to the security expert who conducted the research.

The experiment, which was aimed at measuring the effectiveness of email security controls in several major products and services, demonstrated just how powerful social engineering can be and how little technology can do about it. Joshua Perrymon, CEO of PacketFocus, sent a spoofed LinkedIn email to users in different organizations who had agreed to participate in the test; he was able to get his spoofed message through 100 percent of the time. He tested 10 different combinations of email security appliances, services, and open-source and commercial products; four major client email products; and the three major smartphone brands. [Dark Reading...] [Comments...]