Application security, Threat Management, Malware, Phishing

Swine flu cases cause outbreak of fraud on internet

Cyberopportunists are trying to cash in on the swine flu outbreak by launching spam attacks and registering URLs that reference the hot news story.

Security firm McAfee said Monday that about two percent of all spam now contains the words "swine" and "flu," while competitor F-Secure reported that at least 146 domains containing references to the outbreak were registered over the weekend.

"We absolutely saw this one coming," Dave Marcus, director of security research and communications at McAfee Avert Labs, told SCMagazineUS.com on Monday.

Neither the emails nor the websites appear to be foisting malware, but a majority are linking to pharmaceutical websites, Marcus said. Some of the messages are arriving with subject headings such as "Salama Hayek caught swine flu!" to entice users to read them.

"I guess the tie-in to e-pharmacy sites is logical considering the content," he said. "Swine flu is a good lure to get someone to go to a pharmacy site."

But Marcus said he predicts that by the middle of the week, cybercriminals will begin leveraging the global health issue to push malware onto unsuspecting users' machines.

"I wouldn't be surprised to see a video saying that Salma Hayek is vomiting from the swine flu, and it leads to a trojan," he said, only half-joking.

Meanwhile, most of the websites registered to reference the outbreak, including swineflurelief[dot]com or swineflusafe[dot]com, either are "parked" and contain no live content or contain links to pharmacy or debt-relief sites.

Some of the sites that have been registered appear to have been taken offline. Security officials at domain registrars such as Go Daddy have told SCMagazineUS.com that they typically monitor these types of sites to ensure they are not being used for fraudulent or morally wrong purposes.

Marcus said he expects criminals to begin using search-engine optimization tactics in earnest to push their malicious sites higher on search results' rankings. Fraudsters accomplish this by embedding popular search terms -- in this case, swine flu -- into their personal websites.

"It has good Google juice," Marcus said. "The trend lately is to take advantage of high-impact media events. It's just a means to an ends for them."

Organizations should adjust their spam and URL engines to be on the lookout for swine flu terms, Marcus said. Most importantly, users should vigilant.

Swine flu has killed more than 100 people in Mexico and sickened dozens in the United States and abroad. President Obama on Monday said the flu outbreak is "no cause for alarm," but his administration declared a public health emergency on Sunday as a precaution.




Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.