Watch out for the links you’re likely to come across in email or on social networking sites offering you additional coverage of this newsworthy event. Online scammers have already started to exploit the death of Al-Qaeda leader Osama bin Laden to spread malware or what we called Bin Laden malware scams. Many of the links you see will be perfectly legitimate links. But at least some are almost certain to be dodgy links, deliberately distributed to trick you into hostile Internet territory. Researchers at US computer security firm McAfee were seeing email messages as well as updates at social network Facebook and micro-blogging service Twitter baited with promises of pictures or news of bin Laden. The reported death of Osama bin Laden is just too good a lure for cybercriminals and scammers to pass up. Cyber crooks were using “expected lures” in messages to dupe people into clicking on links booby-trapped with malicious software designed to steal data from or take control of infected computers.
Ploys included a bogus promise of a look at a video debunking reports of his killing by showing the 9/11 mastermind holding up a newspaper with today’s date. Another trick was to promise graphic pictures of bin Laden’s corpse. Cyber-criminals typically use very attractive headlines to encourage users to click links and direct them to malware infected Web pages. Links are already beginning to spread across Facebook, similar to what happened following news of the recent earthquake in Japan. Users should be cautious of spam containing links to photos, videos and other information that sounds remarkably interesting on bin Laden’s death.
The malware, commonly executed by a hidden file called XvidSetup.exe, quickly downloads hotbars and other adware tools users may have a difficult time deleting. The file is undetectable by at least half of antivirus applications on the market. Users also need to be cautious of tweets through Twitter, and Facebook posts, as cyber-criminals gear up to attract unsuspecting traffic to spread malware. Recently a new Scam is spreading virally across facebook and already thousands of people have been scammed.
If you’ve been on Facebook recently, maybe you already have been invited to an event that purports to show you ways to find out “your total facebook profile views” or “who viewed your Profile”. Instead of finding out who viewed your profile, was actually “execute a script” that shares the “spammy link” to your other friends on Facebook. This is what we called Facebook Profile Viewer Scam Spam. Cybercriminals frequently use high-profile news events in a bid to entrap unsuspecting victims.