IT security and data protection firm Sophos has warned that hackers have created malicious webpages that are designed to entrap computer users searching the internet for more news of Patrick Swayze's death.Whilst the entertainment world mourns his loss, heartless hackers are taking advantage of the hot news story by setting up booby-trapped webpages containing information about the actor, which automatically trigger fake anti-virus (also known as scareware) warnings.
Cybercriminals are using Search Engine Optimisation (SEO) techniques to ensure that the sites appear high up on search engine rankings. Innocent internet users scouring the net for more information on the actor are then being sent to websites hosting malicious code.
Once on these sites, Patrick Swayze fans will see fake virus warnings and a recommendation to download bogus anti-virus software. When the malware is installed on a PC or laptop, users risk hackers defrauding them out of their credit card details.
Graham Cluley, senior technology consultant at Sophos, has created a short video to demonstrate how infection occurs, which can be embedded on blogs and news websites:
Death of Patrick Swayze exploited by hackers"The cybercriminals are no slackers when it comes to jumping on a trending internet topic and this is not the first time we have seen hackers taken advantage of the news agenda. The same tactic was used after the death of Natasha Richardson and on the anniversary of the 9/11 terrorist attack last week. As these criminals become more professional in spreading their fake anti-virus scams, consumers and businesses must be on top of their security game. The question to ask is - are you being equally expert in keeping your security up-to-date and your wits about you when you surf the net?" explained Cluley.
"If you're running a business, you need to have in place protection that automatically scans the websites in the background as your staff visit them. You simply cannot trust that the search results they click on in any single day will not lead them to malicious webpages deliberately planted by a cybercriminal."
(The Nation)