IT security and control firm Sophos is warning computer users
keen to get the latest news on Natasha Richardson's death to be
careful about which news story they read. Sophos has already seen
compromised websites hosting content related to the award-winning
English actress who died yesterday after suffering head injuries in
a skiing accident earlier in the week.
According to Sophos, hackers have been creating malicious
webpages and stuffing them with keywords, most likely through
content scraped from legitimate news websites. By using content
related to Natasha Richardson's death, the cybercriminals have made
their attack timely and ensured that it will feature high up in
search engine results, increasing the chances of unsuspecting
victims visiting the site.
"Cybercriminals don't waste any time jumping on the coat-tails
of breaking news stories in their attempt to infect as many
computer users as possible," said Graham Cluley, senior
technology consultant at Sophos. "Speed is everything for these
hackers - they know that more people will be searching for
information about Natasha Richardson today than, say, in two weeks
time. All computer users need to be on their guard against these
attacks. One way to avoid falling into this trap is to visit an
established news website rather than using a search engine which
might take you to a keyword-stuffed site harbouring malware."
Sophos notes that if and when computer users do visit the
compromised web links, a malicious script known as Troj/Reffor-A
will run on their computers. This will then run a fake anti-virus
product designed to scare users into making an unwise purchase.
Fake anti-virus products, also known as scareware or rogueware,
are one of the fastest growing threats on the internet, and attempt
to frighten users into believing that your computer has a security
problem and that you should purchase a solution from the very
people who have tricked you.
More information about this threat is available on
Graham Cluley's blog.