Web security analysts have renewed warnings of hackers exploiting national tragedies to spread malware, with recent examples following the aftermath of both the Boston Bombings and the explosion of a fertiliser factory in Texas.
Recent reports from email security specialists AppRiver identified a series of campaigns conducted by cyber-criminals in the form of a ‘bait and switch’: emails are sent out with subject lines promising updates on recent news stories and when unsuspecting users click the links they’re then sent to sites containing malware.
One method used sent emails with the simple subject field of ‘headlines’ with the body of the messaged containing a hyperlink and a html document labelled as either “boston.html” or “news.html”. Clicking on these then sent victims to a land paged where screencaps of TV footage were used to replicate a news website.
Later, more advanced emails were sent out that more closely mimicked those from real news organisations. Typical headlines included: ‘Opinion: FBI knew about bombs 3 days before Boston Marathon - Why and Who Benefits? - CNN.com’, Opinion: Boston Marathon Worse (sic) Sensation - Osama bin Laden still alive!? - CNN.com’ and ‘Opinion: North Korean Official's child was the CIA target - Boston Marathon Explosions Worse Sensations. - CNN.com.’
Fred Touchette, a security analyst for AppRiver, said: “It no longer comes as a surprise when we see malware campaigns destined for inboxes that pretend to be news stories or videos about recent tragedies that become world topics. It's an appalling technique that these unscrupulous cyber-criminals found to be highly effective.”
“This type of despicable activity not only hurts the user duped into following the link, but also potentially the aid agencies desperately trying to raise awareness, and donations, in the wake of these disasters.”
To protect against such attacks experts advise a typical combination of anti-virus software and everyday vigilance – if you’re receiving unsolicited emails then think before clicking any links.