Published on March 26th, 2011 | by Joshua Philipp0
Japanese Quake Used by Cybercriminals to Spread Malware
Cybercriminals are leveraging news around the Japanese quake to spread malware and use sympathy to dupe users. Digital security company Kaspersky found a new malicious website (this one in Portuguese) claiming that a “new tsunami” hit Sendai, Japan. The website contains an image that will install a trojan on the visitor’s computer if clicked. After successful execution, the computer tries to connect to several locations; some are named “wab.php” and “contador.php”.
According to the analysis:
The earthquake and tsunami related crisis in Japan is still far from over – so is the appearance of new cyber threats trying to exploit that same crisis.
Attacks that leverage the Japanese quake have been common. Some of the sites have phony donation requests or malicious links, and began appearing shortly after the disaster hit Japan on March 11.
According to digital security company McAfee:
Cybercriminals often take advantage of natural disasters to trick Internet users when they are vulnerable and looking for information. McAfee has seen similar types of scams following the earthquake in Haiti last year. Consumers should be on alert for these threats in their inboxes, as well as in search results and on social media, and take measures to protect themselves.
This ties into a growing trend cybercriminals use to dupe users. They do similar things with any event that generates a lot of Web traffic. I recently wrote about similar attacks targeting users searching for information on South by Southwest.
In an interview with Eric Klein, Senior manager for online strategy for security company PC Tools, I was told regarding these targeted attacks:
It’s almost like the equivalent of the old mafia, where they’re trying to cover up their criminal activities by making it look legitimate. These guys are actually spending money in Google search and Yahoo search, like any other marketer would, to get ranking for their scams.
McAfee posted the types of scams being used, along with tips on how to recognize them:
Bottom Line: Be suspicious of unsolicited donation requests and links related to big news events like the Japan earthquake, especially if they sound desperate or overly dramatic.
Tips to Avoid Becoming a Victim:
1) Never respond to a donation request that arrives via a spam email, text or instant message, especially requests that sound overly urgent. Also, be wary of any request posted to social media.
2) Be suspicious of any links that promise “dramatic videos” or images related to the disaster, especially if it is a shortened URL and you cannot see where the link is heading.
3) Remember that anyone can register a “.Org domain” and having one doesn’t indicate that the organization has a charitable status. If you are planning to donate, double check that the site’s domain is legitimate. Look for misspellings, odd grammar and other tips that the site may be a fake.
4) When you are searching for news on a natural disaster or other hot topic use a safe search tool like McAfee® SiteAdvisor® software, which tells you if a site is safe to click on or not right in your search results.
Photo Credit: Official Marine Corps photo by Lance Cpl. Garry J. Welch