Computer Security: “Conpherencing” - the new phishing
CERN is regularly the target of so-called “phishing” attacks, where troublemakers with bad intentions send fake emails to CERN people to try to lure them into disclosing their CERN passwords (or other passwords). Fortunately, few people nowadays fall into such traps. Simply remember to treat your password like your toothbrush: don’t share it and change it regularly (see our Bulletin article “What is a good toothbrush, erm, password?”).
But do you know about “conpherencing” (yes, with “ph” in the middle!)? “Conpherencing”, a term coined by us, is like phishing, but instead of a fake login page, it uses a full-blown conference website resembling that of a popular mainstream conference. Similar to the webpages described in our “Jekyll or Hyde? Better browse securely” article, this evil twin includes a scientific programme, details of a committee, sponsors and abstract submission dates.
For example, the ICNFP2014 conference appeared to exist in duplicate: the real webpage of the conference, which will take place in Crete, is on CERN’s Indico site (below, screenshot on the left), while its evil twin (on the right) said that it would be in Istanbul. A closer look revealed that (at least) one sponsor was not aware that they had been named as a supporter of that event and refused to be involved once they found out, and some of the “committee members” listed don’t appear in the phonebooks of the universities with which they were supposedly affiliated. This twin webpage even copied the conference summary text! The same web server also had fake pages for many other conferences: ICN2014 (on nanotechnology), ICECE2014 (electrical and computer engineering), ICC2014 (chemistry), ICM2014/ICSMS2014 (maths), ICP2014 (physics), …
Thus, as with all your activities on the Web, please be vigilant: stop and think before you click! Too often, a website’s real purpose is not what you think it is…
Check out our website for further information, answers to your questions and help, or e-mail Computer.Security@cern.ch.
If you want to learn more about computer security incidents and issues at CERN, just follow our Monthly Report.
Access the entire collection of Computer Security articles here.