Scammers quick to capitalise on death of Bin Laden

Online criminals have been quick to exploit the death of Osama Bin Laden, and the event is being watched by the security industry as a case study in news exploitation.

The security industry was getting ready for attacks related to the event within hours of the news becoming public, as spammers and scammers have proved increasingly adept at using significant events to fool internet users.

"Recently, we saw that the rogues either anticipated, or at least reacted with remarkable agility, to Audubon's birthday. They were either really quick, or they watched what Google did on the same day last year," said Roger Thompson, vice president of AVG's web threat research team, in a blog post.

"It'll be instructive to see how long this event takes. We will bate our collective breath."

Attacks have been quick to emerge, the first wave coming through Twitter in a couple of hours, according to Michael Sutton, vice president of cloud security firm Zscaler.

"Any time there's breaking news we start monitoring, and Twitter is generally what we leverage since it's so much more real-time than search engines," he told V3.co.uk.

One of the first to pop up was a Spanish site carrying a digitally altered picture of Bin Laden with a Flash video player which requested a VLC codec named XvidSetup.exe. The software is in fact an adware tool called hotbar.

Scammers are also using the event to support Facebook scam sites. Security researchers at Imperva found a post on a black hat search engine optimisation messageboard claiming to have had great success with a bogus Osama web site.

The poster recommends setting up a fan site celebrating Osama's death, which suggests viewers ‘Like' the page. In fact, the action generates similar messages on other spam sites, which brings in advertising revenue.

"This is one of those rare opportunities that can build you a great list and add a couple of zeros in your profit," the posting reads.

"Use it while the news of Bin Laden killed by US forces is hot. I just started one and it had 600 likes in two minutes."

IT managers are being urged to upgrade spam filters, and web users are warned to be on their guard against spam and software ‘updates' associated with the news.