Through SEO poisoning attacks and Facebook adware, cyber criminals can take advantage of Osama bin Laden’s death. These types of attacks, as reported by Kaspersky Lab, are spreading like wild fire across the Web.The cyber criminals are a clever bunch and they know exactly how to use big news in their favour. The phishing scams started just hours after the news dropped on Sunday that Osama had been assassinated in his Pakistani compound. This is normal practice for these kinds of scams, the cyber criminals lie waiting for a major news story. Major news drives increased Web traffic for certain key words, Tim Armstrong from Kaspersky Labs states: “This is pretty typical of this kind of malware…We see this after any major event happens – these guys are pretty much waiting. They have such a system set up that they can jump on any topic.”
SEO Poisoned Links
Just four hours after the news broke the malware authors began launching SEO campaigns targeting search engines, especially Google, to spread rogue antivirus software and to push Facebook adware deep into the social network. The SEO campaigns aim at placing malicious websites at the top of search engine rankings, more often than not the website appeals to users to click by offering breaking news or information on the global event. An example of the currents attacks taking place come when a user searches in images, such headlines as “Osama bin Dead Awhile” and “Is Osama bin Laden Dead?” together with images of the Al-Qaeda leader are known poisoned links. If a user was to click on these links it would take them to one of two domains that offers fake anti-virus software called “Best Antivirus 2011”. This fake software installs a Trojan on your computer which fools users into giving up their credit card details.
Normally Mac users are safe from these kinds of attacks, but this latest variant includes malicious software for Macs. Kaspersky spokesman, Armstrong, indicates that there is a worrying trend, cyber criminals are becoming more sophisticated and can include more Mac users in their attacks. The attack usually drops an installer, designed to exploit the trusted file system in the Safari browser.
Facebook at risk through Adware
Kaspersky has also uncovered a hail storm of fake adverts being spread through Facebook under the guise of bin Laden’s death. Two adverts to watch out for are “Sweet! FREE Subway To Celebrate Osama’s Death-56 Left HURRY!” and “2 Southwest Plane Tickets for Free – 56 Left Hurry”, each adverts comes with a URL to click.
Clicking on the link will take the victim to a page that asks them to post a message in order to receive further information. After the victim has posted the message, a new message will pop up on their wall enticing more people to fall victim to the same scam, thus spreading itself virally. The main concept behind these scams is to get people to get stuck in a loop of pages that constantly ask for personal information such as email addresses, once some personal information has been obtained the cyber criminals can make money.
Attacks into the future
The experts believe that this is just the beginning, as interest deepens into this story so will the attacks. The news frenzy surrounding bin Laden’s death will continue for some time. The likely hood of Al-Qaeda reprisals, people wanting to find footage of the fire fight at the compound and graphic images of the dead body will keep this story relevant for months.
Be on the look out
At Web and Rank we recommend that before users click on links related to bin Laden that they examine the URL closely. Try to stay away from unfamiliar links altogether even if they do inhabit top positions in search engines, trusted news sites like BBC, CNN and Al-Jazeera will give you all the info you need. If users come across ads on Facebook that just simply look to good to be true then ignore them and certainly never give out any personal information.