Home / Resource Center / Blog / Breaking News Earthquake Hits - Phishing Aftershocks

Breaking News: Earthquake Hits - Phishing Aftershocks

Joseph (J.B.) Blankenship

Joseph (J.B.) Blankenship    |    August 23, 2011

It’s the end of the world as we know it, or at least it may be the end of the world according to the REM song – “That’s great, it starts with an earthquake…” At least that’s what the online scammers of the world will try to get you to believe.

With the Virginia Earthquake that occurred on August 23, the Colorado Earthquake that occurred on August 22 and the impending landfall of Hurricane Irene the Internet is abuzz with news and information.

Phishers, spammers and scammers of all types take advantage of breaking news stories, typically with email links to videos or stories about the breaking news topic. Using emotionally-charged stories or stories that are top-of-mind to fool users into clicking through is a form of social engineering. Many APTs start with a phishing or spear phishing attack.

Be aware that stories about the Virginia earthquake will quickly start being used by phishers in email campaigns. Typically, these emails will have links to sites purporting to have new information, images or video of the disaster. Instead of finding the images or video footage, however, users will be taken to a malware-hosting site where they will be infected.

Internet users may also find fraudulent links to videos or stories on the Internet that lead to malware download sites. A popular tactic for this is called search poisoning. This occurs when users search for a term such as “Virginia Earthquake” and the results are seeded with links to malware download sites. This can happen with news stories as well as videos and images in search engines.

Scammers may also send emails about charities seeking donations for people affected by a disaster. Be very cautious when giving money online.

As a precaution, be careful what you click on – both in email and online. If you’re in doubt about the source of email or the site the link is taking you to, don’t click on it. Anti-virus may not save you from a malware infection if you visit an infected site.

It’s not the end of the world, but use caution when looking for news of these and other disasters. Make sure this isn’t the end of the world for your data.

POST A COMMENT

Name
Email
Comment
<< All Entries

Solutionary is a leading managed security service provider. The company reduces the information security and compliance burden, providing flexible security services that work the way clients want; enhancing existing initiatives, infrastructure and personnel. This blog is a place to learn about, and discuss, a wide variety of security and compliance topics.

Subscribe Now!  RSS Feed

LATEST TWEETS