Harry Potter and the Plot-Spoiling, Phishing Scam
Phisher uses known black magic to steal secrets.An attacker named "Gabriel" claims to have stolen the text of the upcoming "Harry Potter and the Deathly Hallows" from Bloomsbury Publishing by use of a phishing scam. He has published what he claims are all of the plot pointsincluding main characters who get killed and the final outcome of the seven-book series. Gabriel says he used "the usual milw0rm downloaded exploit." The exploit entailed delivering to a Bloomsbury employee an e-mail with an invitation to click on a link, open a browser and click on a maliciously crafted animated icon that allowed the attacker access to the victims system.
"Its amazing to see how much [sic] people inside the company have copies and drafts of this book," Gabriel wrote in a posting on Insecure.org. "Curiosity killed the cat." (Ed. note: Spoiler alert: Do not click on the link to read Gabriels posting if you dont want to have the plot spoiled.)