`Osama`s death sparks cyber scam`

A spam message found by security firm Sophos claims to have the real story of how Laden was killed.

Last Updated: May 03, 2011, 14:35 PM IST

Washington: The killing of Osama bin Laden by
US special forces is likely to kick off a cyber scammer arms
race, with spam messages, fake videos and poisoned pictures
going to be their weapons of choice, experts have warned.

While most of the world slept after US President Barack
Obama`s announcement late night on May 1 that the al Qaeda
chief had been killed in a targeted attack on his Pakistan
hideout, cyber criminals quickly rushed to the offensive in an
attempt to cash in on the breaking news, the experts said.

A spam message found by the security firm Sophos claims
to have the "real" story of how bin Laden was killed, complete
with images.

Although the message carries an air of legitimacy by
purporting to be from a real news source, clicking on the
link, however, directs users to an ad for window replacement.

This particular ad, the experts said, won`t harm your
computer or steal your money, but it`s a definite sign of
what`s to come, LiveScience reported.

Undoubtedly, as with any news that grabs the world`s
attention, there are sure to be scores of people who will
chase down any potential development on bin Laden`s death.

But, be careful of news stories -- especially from
sources you may never have heard of -- that promise footage of
information no other site has, the experts warned.

"Don`t blindly trust links you see online, whether in
emails, on social networking sites, of from searches," Sophos`
Paul Ducklin was quoted as saying.

A fake video claiming to have highly coveted footage of
the killing of bin Laden is already making its presence known
on a Spanish-language website.

The website, according to Michael Sutton of the security
firm Zscaler, hits visitors first with a gruesome -- but fake
-- photo of bin Laden after being shot.

"But, as with the fake news stories, the video is a setup
-- a clever front. If you click on the video, you are first
told to upgrade a Flash Player plugin, which is actually a
piece of malware that allows criminals to gain unauthorised
access to your computer," Sutton said.

As the aforementioned rigged videos and fake news stories
find their footing and start spreading virally through the
social networking giants, it`s important to exercise caution
about what you click, the experts said.

Even if your friends` Twitter feeds and Facebook walls
are flush with bin Laden-related messages and links, it
doesn`t mean it`s safe to click on those links, they warned.

Another vector for attack cybercriminals often use is
poisoned SEO and images -- the tactic of creating malicious
websites and rigged pictures tied to high-profile topics.

Last week`s royal wedding, for instance, sparked
criminals to quickly build phony websites -- including
enticing pictures -- aimed at cashing in on search terms such
as "royal wedding" and "Kate Middleton wedding dress".

The Japanese tsunami drew similar scams, targeting
people`s natural curiosity to back up what they`d been reading
about with visual proof.

With a news item as international as bin Laden`s death,
it`s important to remain vigilant while browsing the Web, the
researchers cautioned.

PTI