If an event is newsworthy, you can be sure cybercriminals are exploiting it and creating opportunities to drop malicious code on our computers – malicious code designed, in most cases, to separate unwitting victims from their money.
Taking advantage of our curiosity surrounding current events has long been a favorite tool of the bad guys, and as expected, cybercriminals have jumped on the news of Prince William’s engagement to Kate Middleton, and are actively exploiting this popular topic.
Cybercriminals don’t have to jump through hoops, write brilliant code, or take extreme measures, to be successful at the type of social engineering that goes hand in hand with capitalizing on newsworthy happenings. They simply poison selected search engine results – not as difficult to do as you might imagine.
For example, the Sunbelt Software Blog is currently reporting that “a Google search for “Kate Middleton” results in a poisoned link on the second photo under “Images for Kate Middleton.”
Google search string “Kate Middleton” = 14,300,000 results. (Click on a graphic to enlarge).
Google search string “Images for Kate Middleton” = 8,600,000 results.
Sunbelt warns that searching for photos of Middleton, can lead to images which redirect a Firefox user to a compromised site where the user is encouraged to download a Trojan masquerading as a Firefox update.
Click on the graphic to expand and check the URL closely. You’ll notice that it reads Friefox – not Firefox.
(Graphic courtesy of Sunbelt Blog).
The Sunbelt warning goes on to say:
The destination pages are usually legitimate ones, but are rarely ones dedicated to bringing news to readers. Depending on which browser the users are using, they will be redirected either to a YouTube-like page offering a video codec or to a page sporting and infection warning and offering a fake AV for download (IE users).
To save you the trouble of having to search – here’s a pic of the bikini clad Middleton.
Old advice, but worth repeating nonetheless – Save yourself from being victimized by scareware, or other malware, and review the following actions you can take to protect your Internet connected devices including your computer system:
- When surfing the web – Stop. Think. Click
- Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.
- Don’t open unknown email attachments
- Don’t run programs of unknown origin
- Disable hidden filename extensions
- Keep all applications (including your operating system) patched
- Turn off your computer or disconnect from the network when not in use
- Disable scripting features in email programs
- Make regular backups of critical data
- Make a boot disk in case your computer is damaged or compromised
- Turn off file and printer sharing on your computer.
- Install a personal firewall on your computer.
- Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.
- Ensure the anti-virus software scans all e-mail attachments.
For additional information on fake search engine results, you can read an earlier article on this site – Malware by Proxy – Fake Search Engine Results.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.