Cybercriminals Abuse Osama's Death To Defraud Users

By Author: eccuni
Total Articles: 211
Comment this article

The news of Osama bin Laden's death, almost 10 years after 9/11 attack, was bound to attract attention of people worldwide. Such events generate huge interest and curiosity among people and result in increased Google searches and tweets. While Google rated search for the phrase ‘osama bin laden dead’ as 'Volcanic', the highest rating for trends, Twitter registered around 5,106 tweets per second at the peak of the news. Akamai reported that global page views of news sites reached 4,118,000 page views per minute at the peak of the news. Ironically, cybercriminals were quick in launching spam campaigns to defraud Internet users. Security researchers at Kaspersky Lab identified malicious links in Twitter, which pretend to be directing to a death video of Osama bin Laden.

Attackers also tried to distribute malware through 'Osama still alive' and 'fast and furious movie' links. Security researchers at Sophos identified a survey scam on Facebook. Internet users are enticed to a click on a link to view Osama's shoot down video by CNN. However, the link redirects users to a page, which asks users to complete a five second ...
... security check. The spam tricks users to copy and paste a malicious script on the web browser by abiding few commands listed on the window. Unwary users, who enter and run the script on the address bar, inadvertently share the malicious video with all their listed friends on the social networking site. The malware may then spread virally among other users.

Cybercriminals are proactive in exploiting major events to launch malware campaigns. Recently, attackers leveraged on the Royal Wedding to install malware and fake anti-virus applications. They also leveraged on Tsunami in Japan by sending cleverly crafted phishing e-mails, which attempted to target users interested in charity. US-CERT has alerted users on possible phishing attacks, e-mail scams and fake anti-virus scams, leveraging on Osama bin Laden's death.

Hiring professionals qualified in computer science degree may help organizations in timely identification of security threats and mitigating measures. Cybercriminals use sophisticated techniques to install malware on computer systems. They use all possible channels such as e-mails, social networking sites, micro-blogging sites and Short message services (SMS) to entice users to execute malicious scripts. The April Malware report by Kaspersky Labs highlights use of SMS to spread Trojans in Russia. The security firm detected use of file names YaZ.jar or 606.jar in the malicious links. In this case, users receive a MMS notification followed by the malicious link. Net-Worm.Win32.Kido.ir continues to be the top malicious program and affected 428,587 users. AdWare.Win32.HotBar.dh tops the list of malicious programs on the Internet and was in use in 855,838 attacks. Employees must be educated on various security threats, do's and don'ts through huddle sessions, e-learning modules and training sessions. Online degree courses may help employees in understanding various techniques used by cybercriminals and best online computing practices.

IT professionals may benefit from online university degree courses to update their technical expertise. Security conferences, webinars and discussion forums may help IT professionals to abreast themselves of latest threats and developments in the IT security.