Tuesday, November 18, 2008 - Almanac Vol. 55, No. 13
Hackers and Identity Thieves Cash in On Current Events
The weeks leading up to and following major events -- such as a presidential election or a Phillies World Championship -- are always highlighted by a peaking of interest in news and items about the event, and the Internet is always buzzing with videos, images, and news items that are "virally" distributed by e-mail, websites, and other electronic sources.
Unfortunately, in some cases this "viral" aspect is literally true. Hackers, spammers, and identity thieves often leverage heightened interest in the news to get people to respond to e-mails or visit websites they might not otherwise consider. A case in point, as reported by the Washington Post and other major media outlets, involves a wave of spam messages containing a link to a video of President-elect Obama's victory speech, and the site contains a picture of Obama beneath an official looking government seal and the title "America.gov". Visitors to the site are prompted to download an "updated" Flash player before viewing the speech. Unfortunately, the site is bogus and the plug-in is a "Trojan Horse" malware application designed to steal data from the host. Virustotal.com reports that less than half of major anti-virus software products were able to detect this exploit, leading security experts to caution that when updating software, it can be dangerous to obtain updates from sites other than the vendor's own.
As with all other forms of spam, "phishing," and the like, of course, the best advice remains: be very careful about opening attachments, visiting unfamiliar websites, and downloading "free" software.