Threat Research

Harvester: Beware of simple social engineering attacks

Jan Širmer, 11 July 2012

Harvester: Beware of simple social engineering attacks

Sometimes, the use of simple scams and well-known brands are used to trick people into giving up login names and passwords. By making people aware of these scams, we can better protect against the hackers.

You don’t need any obfuscated scripts or blackhat SEO tricks. Sometimes it is as easy as creating a Google document and sending it to trusting users. Anyone can create a simple form without any checks and this can be as a link to This form is seeded at social sites and via emails. The hackers then wait for responses from any visitors.

After filling in this form, the visitor is now sent to another page where they are informed about re-activating the account.

The form will provide a link which displays all answers from any visitors.


In our simple test, many of the users know that this is a fake application and so they write fake addresses, user names and passwords inside form. However, this phising attack is used in the real world and we detect it within Avast as “HTML:Phish-L”. So remember, if you are asked to enter your email address, user name and password from an untrusted source, don’t do it!