Η Emily Williams he is not a real person. Created by two hackers like social network profiles. The photo was real and belonged to a woman who had given her consent to the two hackers who wanted to use it.
The hackers used two fake profiles, one on Facebook and one on LinkedIn to send greeting cards to public employees of the department supposedly working Emily Williams.
As Violet Blue says ZDNet the two researchers used compromised greeting cards to gain administrative privileges, obtain passwords, install applications and steal files from their victims' computers.
Miss Emily Williams, was the showcase of security researchers Aamir Lakhani and Joseph Muniz. In this way, they even persuaded a security team member to click on a javascript that was hidden on a birthday card.
Ο Lakhani presented the attack at the RSA conference Europe 2013, on Wednesday 30 October.
Mr Lakhani presented the findings of the survey to RSA Europe 2013 in a speech he had “Social Media Deception.” The results related to Project “Emily Williams”, a penetration test of a US government agency, which was conducted in late 2012.
Lakhani refused to identify the US government service that was violated in the name of Miss Williams. However, as reported to the RSA audience, his team's attack was done in a very secure service specializing in cyber attacks and privacy protection. In the past, those who had tried had success with only zero-day attacks
Download the PDF: RSA presentation slides for Social Media Deception
Mr Lakhani explained that his team had tried the same attack with fake men 's profiles, but were unsuccessful.
