Applied Social Engineering

At our university, I am running a Plog — this is the paper version of a Blog 😉 (see image on the right side). I put various articles there, mainly those which I post here but also other interesting stuff which I find on the internet. While waiting for the next course, students may read there. It is even possible to leave comments[1] because there is a sheet of a flip chart and a pen as well 🙂

A few months ago I started an experiment. Somewhere in the middle (see red circle) I put a QR code image with a caption that says “DO NOT FOLLOW THIS LINK!”. The link does not harm any device, but it pretends to do so by opening a page containing the following message: “v1rus s4ccessfully 1nst411ed, thx for opening this backdoor!”. BTW, the link is still active if you like to test it.

I completely forgot about that, but a few days ago I accidentally stumbled on the HTML file on my server, wondering if somebody had compromised it. It took a while to remember that this was my experiment page 😳

I immediately grep’ed through the log file of the web server to look for some hits. Not really surprised, I found 40 hits, at least 60% of users who could not resist the temptation 😈

So here is the result of my log file analysis. 70% of the hits occurred within the first month. Of all hits, ~33% are Android users, ~25% iPhone users, and ~43% others. Those others used Linux and Windows computers and probably tried to find out more about this “mysterious” link. I did not find any access from Windows Phone.
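The kind of breakdown described above can be scripted instead of grep’ed by hand. The following is an added example, not the script used for this post: it assumes an Apache/nginx "combined" log format, and the path `/dontfollow.html`, the addresses, dates and user agents in the sample are constructed.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in "combined" log format; path, IPs, dates and
# user agents are made up for this example (assumption, not real data).
SAMPLE_LOG = """\
192.0.2.10 - - [03/Mar/2014:10:12:01 +0100] "GET /dontfollow.html HTTP/1.1" 200 312 "-" "Mozilla/5.0 (Linux; Android 4.4.2; Nexus 5) AppleWebKit/537.36"
192.0.2.11 - - [05/Mar/2014:09:01:44 +0100] "GET /dontfollow.html HTTP/1.1" 200 312 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51"
192.0.2.12 - - [20/Mar/2014:14:30:10 +0100] "GET /dontfollow.html HTTP/1.1" 200 312 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0"
192.0.2.13 - - [15/May/2014:11:05:00 +0200] "GET /dontfollow.html HTTP/1.1" 200 312 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0"
192.0.2.14 - - [02/Jun/2014:08:45:19 +0200] "GET /dontfollow.html?x=1 HTTP/1.1" 200 312 "-" "Mozilla/5.0 (Linux; Android 4.1.2; GT-I9100) AppleWebKit/534.30"
192.0.2.15 - - [02/Jun/2014:08:46:00 +0200] "GET /index.html HTTP/1.1" 200 9001 "-" "Mozilla/5.0 (Linux; Android 4.1.2; GT-I9100) AppleWebKit/534.30"
"""

# timestamp, request path, status, user agent
LINE_RE = re.compile(
    r'\S+ \S+ \S+ \[([^\]]+)\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')

def platform(user_agent):
    # Windows Phone 8.1 user agents also contain "Android" and "iPhone",
    # so it has to be tested first or it is miscounted.
    if "Windows Phone" in user_agent:
        return "Windows Phone"
    if "Android" in user_agent:
        return "Android"
    if "iPhone" in user_agent:
        return "iPhone"
    return "other"

def analyse(log_text, path, first_days=30):
    """Return (total hits, hits per platform, share within first_days of the first hit)."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group(2).split("?")[0] == path:  # ignore query strings
            ts = datetime.strptime(m.group(1), "%d/%b/%Y:%H:%M:%S %z")
            hits.append((ts, platform(m.group(4))))
    if not hits:
        return 0, {}, 0.0
    start = min(ts for ts, _ in hits)
    early = sum(ts - start <= timedelta(days=first_days) for ts, _ in hits)
    return len(hits), dict(Counter(p for _, p in hits)), early / len(hits)

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG, "/dontfollow.html"))
```

Note that this counts requests, not people: one visitor reloading the page, or a crawler, adds hits unless they are deduplicated or filtered.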


  1. I had to cut off the comments section with respect to the privacy of the comment authors. But the 30 cm Nyan Cat is still my favorite comment 😀