Spammers and hackers are jumping on the royal wedding bandwagon in order to make some quick cash Security experts are warning that some cyber-criminals are seeking to exploit public excitement ahead of the royal wedding on 29 April, unleashing an array of malware campaigns including phishing and spam emails.Security firm Symantec has uncovered a number of scam email campaigns offering royal wedding memorabilia, including a replica of Princess Dianas engagement ring, limited edition Buckingham Mint commemorative coins, and customisable mugs and t-shirts. Links in the emails redirect the user to a spam product site.Spam and Black Hat SEOFurthermore, Symantec warns that black hat SEO techniquesare being used in fake pages to lure people looking for news related to the royal wedding. At one point, a search for william and kate movie imdb returned 61 malicious links in the first 100 search results, the security firm said.Other search terms currently returning poisoned links inc lude william and kate movie cast, royal wedding guest list bush, and princess diana death facts.We have seen over 500 compromised sites being used in this campaign over the past few days, said Symantecs Suyog Sainkar in a blog post. Attackers create multiple fake pages on each site and use unethical SEO techniques such as keyword stuffing, cloaking, and link farming to game the search engine algorithms to achieve high search engine rankings.
Meanwhile, a poll conducted security by Imperva at this years Infosecurity Europerevealed that 38 percent of security professionals have witnessed the royal nuptials being used for malvertising. Over a third have seen wedding related spam and 20 percent incidents of search engine poisoning, the company said.
Everyone loves a good wedding and it appears hackers are no different, said Impervas CTO Amichai Shulman. While were not surprised by the results it is worrying that criminals are systematically jumping on every opportunity to illegally make money by identifying, and utilising, revenue generating opportunities that utilise stolen credentials or inject malware.The royal wedding is another reminder that organisations need to be vigilant to hosting phishing sites and act promptly to take them down if non-security savvy individuals are to be protected, he added.Imperva advises Internet users to ensure their computers security software is up to date and refrain from responding to emails from people they dont know offering leaked information or sharing secrets from someone close to the happy couple.Opportunistic ScamsEmail scammers are increasingly using such high-profile events to target victims. Previous phishing scams have addressed news items such as the volcanic ash cloud a nd the Haiti earthquake where phishers got four million downloads in ten days and the launch of the iPad.Earlier this year security services firm Webroot warned that UK citizens in a hurry to get their tax returns in before the final deadline were in danger of falling for email phishing scams, which await these vulnerable users.Although most people are wise to such scams, enough still succumb to make it worth the villains while, said Greg Day, director of security strategy for McAfee in EMEA, speaking to eWEEK Europe last year.
iAutoblog the premier autoblogger software
沒有留言:
張貼留言