Original URL: http://www.theregister.co.uk/2009/07/23/eclipse_scareware_scam/

Total eclipse used to bait scareware scam

Ruse targets geographically-confused stargazers

By John Leyden

Posted in Security, 23rd July 2009 13:25 GMT

Wednesday's total solar eclipse over India and China has been exploited as a bait for sites punting scareware.

Miscreants are using black hat search engine trickery to point geographically-confused users towards websites peddling rogue antivirus software, as explained in an illustrated advisory by Trend Micro here.

A search term associated with the attack "Solar Eclipse 2009 in America" might appear confusing at first, because the century's longest solar eclipse was at no point visible in North America. However, it makes sense when the target market for such scams - relatively affluent, if perhaps slightly naive westerners - is factored into the equation.

Trend Micro notes that the attack is not the first time astronomical events have been exploited to bait malware lures. A February 2008 lunar eclipse was used to punt a Trojan which posed as an image of the event, the security firm notes. ®