Info-tech

Japan quake: Security firms warn of bogus Web sites seeking donations

T.E. Raja Simhan Chennai | Updated on March 18, 2011 Published on March 18, 2011




Are you planning to donate online for tsunami affected people in Japan? Make sure you select the right Web site as it could be a decoy Web page posted by cybercriminals trying to make quick money out of natural disasters.

This warning was issued by the US-based SANS Internet Storm Centre (ISC) and various anti-virus software companies. They warned Internet users to be careful about e-mail scams and Web pages looking to turn curiosity about the events in Japan into illicit gain.

The ISC, which alerts on e-mail scams and viruses and on fraudulent organisations, urged users to donate only through trusted organisations and not to new organisations just set up for this particular event.

Malware — software designed to secretly access a computer system without the owner's knowledge — may be advertised as a video report of the event or come under other pretences. Reports are already showing fake AV (audio video) exploiting the Japanese earthquake, the centre warned.

For example, while searching for Japan earthquake in a search engine, there could be pop-up advertisements to trick unsuspecting, curious or concerned Internet users into opening malicious attachments or clicking malicious links they might otherwise avoid. Cyber criminals or scammers could use search engine optimisation (SEO) to place scam Web pages high in the search results of major search engines.

Websense Security Labs has tracked several ‘black hat attacks' (hacking) designed to take advantage of recent events in Japan. SEO poisoning was used within minutes of the first wave hitting the Japanese coast.

The use of common search terms such as ‘Japan earthquake news 2011' to search for the latest information in search engines is throwing up all sorts of results, including malicious sites hosting fake AV.

Social networks also targeted

There is also a vector of attacks targeting the social networks. Websense Threatseeker Network has identified a set of Web sites that entice users to watch a video about the latest disaster events in Japan. Instead of getting a movie, users are redirected to a Facebook application installation page. The application asks for permission to post on the user's wall.

According to Mr Elad Sharf of Websense Security Labs, “Cybercriminals exploiting news of disastrous events really are the bottom feeders of the electronic age. While the rest of the world is shocked and saddened, these cybercriminals rub their hands with glee, seeing it as more ammo for their arsenal of malicious activities.”

Kaspersky Lab has also detected a malicious spam campaign using the recent earthquake in Japan to infect users. These e-mails contain malicious URLs. If someone clicks on the link, the malicious Web site uses JAVA exploits to install malicious applications on their machine. Once infected, the computer starts displaying localised ads.

Published on March 18, 2011
This article is closed for comments.
Please Email the Editor