Cyber criminals are again wasting no time on capitalising on public interest in major news events with a new phishing attack being reported based on the recent Tsunami hitting Pacific Island nations.
F-secure has reported that search engine optimisation (SEO) poisoning is again being used to to lure people into downloading a rogue antivirus agent.
“It seems SEO poisoning is the current 'trend' for directing users to rogue antivirus software,” the company’s security blog reads.
“These SEO poisoning attacks usually exploit major news topics, the latest of which is the September 29th earthquake off Samoa, which triggered a tsunami warning for numerous South Pacific islands, as well as Hawaii.”
The company reports that readers looking for news articles on the earthquake may come across this page in the Google search results with a ‘treemccoy.com’ based address. Clickin on these links leads to redirection to a “your PC is infected” type warning which encourages the download of the rogue AV.
F-Secure also reports that Twitter is also being used to direct people looking for tsunami news to rogue AV.
In related news, F-Secure is also reporting that World of Warcraft users are being targeted by phishing attacks offering players a free trial mount (an animal to travel about on in the game).
Players are directed to a phishing website which looks exactly like the real worldofwarcraft.com login page, according to the company.
“A player entering his details into the page expecting to get a mount basically gets his account pwned instead,” the blog posting reads. “Apart from losing all the gold and items saved, a compromised account could also be used to send out the malicious messages to other victims, adding insult to injury.”
Earlier this month F-Secure reported that hackers were continuing to exploit Patrick Swayze’s death with a trap claiming to be a video of the actor's funeral.