Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
It’s not only Western allies that are celebrating the death of Osama bin Laden. Security experts say the news will be a boon for spammers and malware writers who are set to capitalise on the extradorinary news as it trends across search engines and social networks.
The demise of bin Laden broke earlier today and has topped trending searches across Google and Twitter.
But scammers are already injecting fake news stories in hopes of fooling Googlers, the Twitterati and spam recipients.
"Within 24 hours we can expect in excess of 100 million spam emails" related to bin Laden's death, said Symantec SMB director Steve Martin.
"Anytime there is a major event there are always scammers."
He said it will be a vector to deliver malware to consumers and businesses and security administrators should be vigilant.
"Do not click on not click on any link pointing to a news site. Rather, go to a trusted news source and type in the link."
He said shortened URLs were vulnerable because they hid the link source.
Martin said Twitter users have a responsibility not to tweet short URLs about bin Laden's death: "If you need to make two tweets, then do it".
Sophos chief technical officer Paul Ducklin said blackhat search engine optimisers will be quick to seize on the news, even starting fake news sites.
"We saw that when William and Kate were engaged, and we will see it again," Ducklin said.
If an attacker has root access to a site, they can use PHP script to trick anti-malware functions within search engines like Google.
"They can make the site appear legitimate to a search bot, and assume a different form to a Google referral and different again to someone who types in the full URL," he said.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
