Osama bin Laden's death is sure to kick off a cyberscammer arms race, with spam messages, fake videos and poisoned pictures used as their weapons of choice.
Credit: FBI |
While most of the world slept after -- or possibly through -- President Barack Obama's announcement late last night (May 1) that bin Laden had been killed in a targeted attack on his Pakistan compound, cybercriminals quickly rushed to the offensive in an attempt to cash in on the earth-shattering news.
Here's what to watch out for in the coming days and weeks, as news of the death of al-Qaida's top terrorist takes over the Web. (This morning it was leading in Google searches and Twitter hashtags.)
Phony news stories
A spam message found by the security firm Sophos claims to have the "real" story of how bin Laden was killed, complete with images. Although the message carries an air of legitimacy by purporting to be from a real news source, clicking on the link, however, directs users to an ad for window replacement.
This particular ad won't harm your computer or steal your money, but it's a definite sign of what's to come.
Undoubtedly, as with any news that grabs the world's attention, there are sure to be scores of people who will chase down any potential development on bin Laden's death.
Be careful of news stories -- especially from sources you may never have heard of -- that promise footage of information no other site has. As the saying goes, if it seems too good to be true, it probably is.
Live video
If you had the chance to see a live video of U.S. ground forces killing bin Laden, would you watch it?
Cybercriminals certainly think so, and a fake video claiming to have such highly coveted footage is already making its presence known on a Spanish-language website. The website, according to Michael Sutton with the security firm Zscaler, hits visitors first with a gruesome -- but fake -- photo of bin Laden after being shot.
If that isn't enough to lure readers in, the site offers visitors a video of bin Laden's killing. But, as with the fake news stories, the video is a setup -- a clever front. If you click on the video, you are first told to upgrade a Flash Player plugin, which is actually a piece of malware that allows criminals to gain unauthorized access to your computer.
Fake videos, as seen during March's devastating tsunami in Japan, are surefire tactics cybercriminals deploy to capture users' attention following global news events. If you click on a video, make sure its source is legitimate, and not a clever spoof of a real news or video website such as YouTube.
Facebook follies
A similar video quickly showed up on Facebook, still ripe new territory for scammers. A link circulating today promised "Shocking NEW VIDEO of Osama Bin Ladens DEATH!!," reported Sophos.
But of course there was no video -- Facebook users who clicked on the link got yet another video that generates ad revenue for the poster, and also had the privilege of the link being broadcast to all their friends.
Tricky trends
The hashtags #osama and #obl (Osama bin Laden) are currently the top trending topics on Twitter. And as with all events that draw worldwide online attention, bin Laden's death is spreading quickly through social networking sites like Twitter and Facebook.
You can be sure online criminals are scheming to divert some of that massive Web traffic to their own malicious pages.
As the aforementioned rigged videos and fake news stories find their footing and start spreading virally through the social networking giants, it's important to exercise caution about what you click. Even if your friends' Twitter feeds and Facebook walls are flush with bin Laden-related messages and links, it doesn't mean it's safe to click on those links.
"Don't blindly trust links you see online, whether in emails, on social networking sites, or from searches," Sophos' Paul Ducklin wrote.
Poisoned pics
Another vector for attack cybercriminals often use is poisoned SEO and images -- the tactic of creating malicious websites and rigged pictures tied to high-profile topics.
Last week's Royal Wedding, for instance, sparked criminals to quickly build phony websites -- including enticing pictures -- aimed at cashing in on search terms such as "Royal Wedding" and "Kate Middleton wedding dress." The Japanese tsunami drew similar scams, targeting people's natural curiosity to back up what they'd been reading about with visual proof.
With a news item as international as bin Laden's death, it's important to remain vigilant while browsing the Web. Online criminals are constantly looking for the next big topic, and this one is sure to stick around for a while.
Conversion Conversion Emoticon Emoticon