Beware Osama Email Links

I haven’t read anywhere yet… Well, that didn’t take long.  Threatpost has reported that Kaspersky Labs has detected spam e-mail campaigns and search-engine-optimized Web pages offering news and images of Bin Laden within hours of the first reports of his death.  Clicking those links directed Web surfers to malicious Web pages that try to install Best Antivirus 2011, a fake anti-malware program.

A virus researcher wrote about a Facebook spam campaign offering free subway rides and plane tickets to “celebrate Osamas death.”  The malicious Facebook pages ask for personal information to win a prize, but users end up spamming friends and getting redirected to other pages seeking even more personal information.

Current events and big news stories are a popular tool to lure malware victims.  Malware has now been foisted onto Osama Bin Laden news seekers; be prepared for it.  It is simply too globally interesting and compelling a story to be long ignored by the malicious.  There are enough sketchy and missing details to launch a long and successful spam campaign.  Do not blindly trust anonymous emailings regarding hot news items.  If you are unsure about the reliability of your sources, your news is questionable anyway.  What should you do?  I sift through between 1000 and 3000 messages a day.  Here is my 6-step news spam avoidance process…

  1. Look Closely.  If the email address in the header doesn’t match what is displayed in the “From” field, or in the body of the email, delete it.
  2. Are the spelling and grammar in the body correct?  If not, delete it.
  3. Is the link “shortened”?  Some people use link shorteners to mask web addresses.  Great way to hide your malicious intent.  Delete it.
  4. Does the link to the story appear to lead to the expected web site?  (If the email came from CNN, does it actually show or\cnn.html)  If not, delete it.
  5. Roll your mouse over, but don’t click.  Does the pop-up text match the address?  If not, delete it.
  6. Finally, if you’re really interested in a news story, type the link to the main news site into your browser yourself, and seek the story out.  If it’s a top story, it should be easy to find.
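
Steps 1, 3, 4 and 5 can be checked mechanically before a message reaches a reader; steps 2 and 6 remain human judgment. The sketch below is an added example, not part of the original post: the function names, the short shortener list and the `.example` domains in the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly"}  # small sample, not exhaustive
SAMPLE = """\
From: "news@cnn.example" <alerts@mail-update.example>
Content-Type: text/html; charset=utf-8

<p><a href="http://bit.ly/constructed">Photos</a></p>
<p><a href="http://news-photos.example/x">www.cnn.example/world</a></p>
"""  # constructed sample message, not real mail

class Links(HTMLParser):
    """Collect (href, visible text) for each <a> element."""
    links, _href, _text = (), None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links += ((self._href, self._text.strip()),)
            self._href = None

def host(value):  # host of a URL or bare domain, minus a leading "www."
    return (urlparse(value if "//" in value else "//" + value).hostname or "").removeprefix("www.")

def check_message(raw):
    """Return findings for steps 1, 3, 4 and 5 of the checklist."""
    msg = message_from_string(raw, policy=policy.default)
    shown, addr = parseaddr(str(msg["From"]))
    sender, findings = host(addr.rpartition("@")[2]), []
    claimed = re.search(r"[\w.+-]+@([\w.-]+)", shown)  # address typed into the display name
    if claimed and host(claimed.group(1)) != sender:
        findings.append("step 1: displayed sender differs from header address")
    body, parser = msg.get_body(preferencelist=("html",)), Links()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        h = host(href)
        if h in SHORTENERS:
            findings.append(f"step 3: shortened link {h}")
        elif h != sender and not h.endswith("." + sender):
            findings.append(f"step 4: link goes to {h}, not {sender}")
        if re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", text, re.I) and host(text) != h:
            findings.append(f"step 5: text shows {host(text)}, link goes to {h}")
    return findings
```

Legitimate bulk mail often links to third-party hosts, so step 4 findings are a prompt for a closer look rather than a verdict.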

Always treat your email with suspicion.  If I receive an email, I consider it the first stage of a conversation.  The source of any information provided initially needs to be verified, and then the facts validated.  Too many people would love to take your hand, lead you down the garden path, and beat the snot out of you behind the rose bushes.