Application security, Malware, Phishing

Earthquake and tsunami breed web scams, malware


The 8.9-magnitude earthquake and deadly tsunami in Japan also has triggered a tidal wave of cybercrime, say experts.

Almost immediately after the news broke, internet fraudsters got to work by customizing their malicious websites so they would rank near the top of search results, a process known as black hat search engine optimization. The sites purportedly featured information about the quake but actually had been booby-trapped with malware, such as rogue anti-virus programs.

"We immediately monitored for any active attacks as soon as news broke out, and true enough, we saw web pages inserted with key words related to the earthquake," wrote Norman Ingal, threat response engineer at Trend Micro.

Chicanery on the web is quite common following disasters, including previous tsunamis and other unique tragedies.

US-CERT on Friday also warned of possible phishing ploys and other email scams that might target unwitting users. The SANS Internet Storm Center, meanwhile, advised users to be on the lookout for bogus organizations that may be mimicking legitimate charities.

"If possible, donate to organizations you know and trust, not to new organizations just set up for this particular event," wrote handler Guy Bruneau. "The IRS maintains a list of tax-exempt charitable organizations."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.