Scareware SEO attack exploits Royal engagement story, Sophos reports

November 17, 2010 Sophos Press Release

IT security and control firm Sophos is warning computer users to be cautious, following the discovery that yesterday's news of the engagement of Prince William and Kate Middleton is being exploited by cybercriminals. Searching for 'kate middleton + william' will bring up a huge number of legitimate news results and images, but Sophos advises that computer users should be wary, as some search results are leading to rogue websites, offering the visitor fake anti-virus scans.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

"We've seen this trend before with hot news stories," said Graham Cluley, senior technology consultant at Sophos. "Cybercriminals take advantage of popular search terms to direct browsers to bogus security sites and trick them in to handing over credit card details, or into downloading further dangerous software on to their computers."

Sophos warns computer users that scams of this type can be extremely successful at passing revenue quickly and directly into the hands of attackers. The criminals convince the user that their machine is in danger so they are tricked into downloading bogus software. Once the computer is infected with fake anti-virus, the software will continue to bombard the user with warning messages encouraging them to pay for threats to be removed.

"People mustn't be distracted by the latest photo of the happy couple when clicking through to links," continued Cluley. "We all need to be on our guard when browsing unknown and untrustworthy sites."

More information about this attack can be found on Sophos's Naked Security blog.