Security researchers are warning people that hackers, virus writers, and phishers generally try to launch schemes associated with big news events and tragedies.
Security researchers are warning people to be watchful for phishing scams and malware attacks that take advantage of this week's tragedy at Virginia Tech.
U.S.-CERT issued a warning
that users and IT managers should be aware that new phishing campaigns generally are launched in the wake of tragedies and natural disasters. Researchers at the government's Computer Emergency Readiness Team advised users to remain cautious when receiving unsolicited e-mail that could be a potential phishing attempt.
Phishing e-mails often arrive in the form of phony requests for donations from a charitable organization, asking the users to click on a link that will then take them to a fraudulent Web site set up to appear to be a legitimate charity. The users are then asked to provide personal information that can put them at risk of identity theft.
Graham Cluley, a senior technology consultant for Sophos, told InformationWeek that malware authors and spammers also try to take advantage of major news events, like the killings at the Virginia school.
"It's pretty sick that cybercriminals use tragic events in the headlines like this in their attempts to make cash, but sadly it's not the first time and unlikely to be the last," he said, noting that Sophos analyst haven't seen any of these attacks yet.
Hackers and phishers have a long history of using tragic events to their advantage. In January 2006, the FBI issued a warning about an e-mail scam
that was fraudulently soliciting donations to help the survivor from the Sago mine disaster. Another e-mail scam came in September 2005 when hackers sent out e-mails
purporting to offer up breaking news about the Hurricane Katrina disaster. Users were directed to a malicious Web site where their machines were infected with malware.
In June 2005, hackers even latched onto the death of Pope John Paul II. "Internet criminals have no respect for taste and decency," Cluley said at the time of that attack. "All they're interested in is making money and other computer users' lives a misery."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.