Haiti Earthquake Leads to Upsurge in Malicious URLs
With Port-Au-Prince (capital of Haiti) struck by a massive earthquake during the second week of January 2010, cyber-criminals are unleashing numerous malevolent URLs related to the event. Actually, the criminals are increasingly applying SEO (search engine optimization) tactics to exploit search terms related to the Haiti disaster that divert Web-surfers onto fake anti-virus software websites.
On January 16, 2010, Websense Security Labs discovered that searches with phrases connected to the latest natural calamity might actually end up in downloading trojans onto users' PCs.
The blog released by the firm stated that people worldwide are surfing the Internet to get the most recent information on the issue. They want to know the ways they can send donations. Vast numbers of individuals are also seeking videos and photos to gauge the calamity's seriousness. They want to read their favorite musicians' and artists' statements regarding the disaster. Sadly, it is such major events and crises that con artists abuse to distribute malware.
By means of a video on their blog, Websense security investigators demonstrated how at a particular instance, just entering "Haiti relief" into Google's search box produced rogue anti-virus websites.
Further, if these websites are clicked they divert users onto other websites, which carry bogus anti-virus software. People are tricked through deceptive means into downloading the fake applications. By exploiting security flaws as well, such bogus anti-virus programs can be pushed onto users' computers. For that, the programs exhibit alerts that suggest or even compel users to buy those programs.
Thus, a security analyst at Websense advises Web surfers to analyze results from online searches prior to hitting a URL to ward off malicious websites. According to him, in case the URL isn't a popular site, then before hitting it, users must do certain simple checks like consulting websites and finding that URL's veracity. The Economic Times published this on January 16, 2010.
Hackers also utilize thesaurus scripts for making counterfeit articles that they then post on their malicious websites, thereby evading the copyright law. Apart from this, there are several Web applications available on the Internet that can make random comments on a website, thus raising its popularity.
Related article: HD-DVD Copy Protection Proved Vulnerable To Attack
» SPAMfighter News - 25-01-2010