Swine Flu spam hits fever pitch

Worried about the Swine Flu outbreak sweeping across the continent?

If you’re planning to scour the Web to grab more information about the disease better think twice before launching a Google search.

Your best bet is to go to known news sites.

These could include public health institutional sites – such as the relevant World Health Organization (WHO) sites, or that of your local healthcare government agency, says Dave Marcus, director of security research at Santa Clara, Calif.-based McAfee Inc.

Related stories
Stressed out by spam? Here’s what you can do
Montreal real estate firm cans spam with Google Message Security
How to can spam on the go

Spammers have lost no time exploiting fears over the swine flu outbreak, flooding the Internet with hastily set-up domains purporting to contain information or juicy celebrity news connected to the epidemic.

A simple Web search is more likely to land you on to these parasitic sites.

There’s a profusion of swine flu spam messages on the Web, but Marcus says it’s too early to come up with definite numbers.

He estimates that spam e-mail messages using keywords such as “swine” and “flu” account for about three per cent of worldwide spam messages being circulated on Tuesday, up from almost nothing the previous day.

A Cisco Annual Security Report released in the later part of 2008 said estimated that spam accounts for 200 billion of the e-mail messages sent around the world.

By McAfee’s estimates that would place swine flu at around 6 billion.

Some of the subject lines observed by McAfee were:

  • First US swine flu victims
  • US swine flu statistics
  • Salma Hayek caught swine flu!
  • Madonna caught swine flu!
  • Swine flu in Hollywood!
  • Swine flu in USA
  • Swine flu worldwide!

Of course such blackhat tricks are pretty old hat, says Marcus. “This is not surprising at all. It’s all tried and true strategy,” he said.

Spammers typically ride on the coattails of the celebrity controversy or hot news of the moment and use this as a vector for spreading unsolicited mail or malware.

“We noted that domain registrations that included ‘swine’ or ‘flu’ in their URLs were up 30-fold,” Marcus said. Search strings containing those words are also rising sharply.

He said these words are being used by spammers because they are currently highly searched terms on the Internet.

Links to the spam lead to online drug sites or “e-pharms” that either sell bogus or adulterated drugs, or harvest credit card numbers of consumers who happen to click on the site, he said.

“These usually claim to sell low-cost vaccines or even offer get-rich quick schemes,” Marcus said.

Chris Barton, another McAfee researcher said in his blog that he expects the drug Oseltamivir, also known as Tamiflu to “get extra exposure once the affiliate pill sites are updated.”

There are, however, no signs yet of swine flu-related malware.

“We haven’t seen any instances of that yet. But if it shows up, it wouldn’t be a surprise,” said Marcus.

Other cybercrime news

In another development, McAfee has launched a new Web site designed to help victims of cybercrime recover from hacker attacks.

Cybercriminals have become more sophisticated with their methods and have been compared to organized syndicates such as the Mafia, but McAfee hopes their new tool will give computer users a leg up in the battle.

The company bills its Cybercrime Response Unit as a kind of “online 911” where consumers and small-business owners can figure out whether they’ve been hacked, and take steps to connect with law enforcement.

The site helps victims triage any common computer problems.

For example, it can tell them what to do if they’ve opened an attachment that they now think may have been malicious, or if they’re worried that their child may be talking to a predator online.

Complaints about Internet-related crime spiked 33 per cent last year, according to the U.S. Federal Bureau of Investigation’s (FBI’s) Internet Crime Complaint Center.

In the U.S., online crimes can be prosecuted by state, local and federal authorities, including the FBI or the U.S. Secret Service, and victims are often unsure what to do after they’ve been victimized.

In fact, people who have been hacked often don’t even know it, said Pamela Warren, a cybercrime strategist with McAfee.

To help with that problem, a visitor can try out an online scanning program that will check their computer for any signs that it has been misused by criminals. (It is available only for Internet Explorer on Windows.)

“If you’re a victim and you just don’t know where to go, this is really meant to consolidate [that information],” Warren said.

The site includes resources for victims of cyber bullying, identity theft and online scams, she said. “Regardless of what the cybercrime is, you can come here and get help.”

Share on LinkedIn Share with Google+