Feeds

Scareware scams ride the back of killer whale tragedy

Black hats pee in the pool again

SANS - Survey on application security programs

Supposed footage of Wednesday's fatal Sea World killer whale attack in Florida actually points at sites distributing scareware.

Dawn Brancheau, 40, a trainer at Sea World in Orlando, lost her life yesterday after a killer whale attack. Miscreants have wasted no time is exploiting the tragedy, as so many before it, by setting up malware traps designed to ensnare the unwary.

Black hat search engine trickery is once again being used to drive traffic to these sites, by planting links to malware portals in Google results for searches terms related to the tragedy, such as "killer whale video pictures".

Users who follow poisoned links will be warned of supposed security risks on their PCs in an effort to persuade them to try and then buy fake anti-virus software of little or no utility, as explained in a blog posting by Sophos here.

Just about any newsworthy tragedy is likely to be used as a theme to promote scareware portals these days, one of the easiest mechanisms for cybercrooks to make money.

In related news, Twitter profiles compromised by a run of phishing attacks earlier this week have begun pushing out links to fake anti-virus portals. Because of this malign activity, users of Twitter search need to be especially careful, warns Sunbelt Software security researcher, Chris Boyd. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.