April 28th, 2009
Swine flu email scams circulating
Opportunistic scammers and spammers are actively exploiting the swine flu buzz across the web by spamvertising links to pharmaceutical scams, and bogus ‘Swine Flu Survival Guides’ using search engine optimization of typosquatted domains related to the outbreak.
The event-based social engineering campaign is similar to the recent fake ‘Conficker infection alerts‘, the bogus Conficker removal tools pushed through SEO practices, and the timely spam campaign serving malware as a fake Microsoft patch Tuesday message.
Strangely, the massive spam campaign doesn’t seem to be targeting the specific market segment since upon clicking on the links the users are directed to the ubiquitous Canadian Pharmacy scam. Based on previous experience with related campaigns, cybercriminals are prone to diversify the traffic acquisition tactics, so consider keeping yourself informed on the issue by using the right sources.
This isn’t the first time that viral outbreaks are being used by cybercriminals in order to increase the trust factor of a particular campaign. According to Trend Micro’s researcher Ivan Macalintal, a similar event-based spam campaign took place in 2003 in the wake of the SARS epidemic with the mass-mailing Coronex worm campaign using SARS related messages to spread.
The bottom line - don’t bargain with your health, and drive the cybercrime economy in between.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
