Michael Jackson death spurs spam, viruses
- — 27 June, 2009 09:20
Less than 24 hours after Michael Jackson's death, fraudsters are exploiting public interest with their attempts to spread spam and malware. Security researchers say they've observed hundreds of cases of malicious messages masquerading as information about Jackson's death. Some of them, they say, popped up within minutes of the news.
Avoiding these threats isn't difficult, though: It's just a matter of staying one step ahead. Here are some of the attackers' tactics and what you can do to keep from falling victim.
E-Mail Address Harvesting
E-mails started circulating Thursday claiming to have "vital information" about Jackson's death. The messages ask users to respond in order to become privy to the "secret" details.
Unlike many Web-based threats, these e-mails aren't attempting to get you to click onto anything; rather, analysts believe, they're likely trying to get you to reply so your address can be confirmed for future spamming purposes.
"The spammer can easily harvest recipients' e-mail addresses via a free live e-mail address if computer users reply to the spam message," researchers at security firm Sophos explain.
Hidden Trojan Infecting
Another hoax takes the more standard approach of offering e-mail-based links, supposedly to exclusive videos and photos of Michael Jackson. These messages also appear to have YouTube videos embedded inside. If you try to follow the links or play the video, however, you may end up with malware on your computer -- without even knowing it.
"A legitimate Web site ... is opened by the default browser in order to distract the user by presenting a news article for them to read," researchers at Websense Security Labs explain. "In the background, three further information-stealing components are downloaded and installed."