Quartet of online swine flu scams become malware pandemic

The words “swine flu” had barely been uttered last spring when spammers and malware authors, hoping to take advantage of fears and curiosity about the virus, began devising ways to trick people with clever subject lines and fake web sites.

In April, only days after officials began to talk about the virus, officially known as H1N1, researchers with several security firms reported spam relating to the virus already accounted for 4 percent of all unwanted emails.

Related story: Swine Flu spam hits fever pitch

More than six months later, H1N1 has indeed spread to large numbers of people around the world. So have related scams and schemes cooked up by the bad guys, either looking to infect your computer, steal your credit card information or sell you phony products. Here, we detail some of the most common lines being used online lately.

Treat swine flu virus! Buy Tamiflu without a prescription

Researchers at McAfee Labs have found that a great deal of the spam ending up in inboxes lately has a subject line that offers Tamiflu, a prescription-only medication that can stop influenza from further mutating in the early stages of the virus, without a prescription. According to McAfee Labs lead researcher Adam Wosotowsky, the link offering Tamiflu usually directs users back to an alleged Canadian pharmaceutical site that likely sells fake products. In fact, spam that advertises websites for “Canadian pharmaceuticals” accounted for more than 70 percent of global spam volume in September, according to McAfee analysis.

In the past few weeks, fraudulent offers of so-called swine flu treatments and medications have become so widespread that the FDA and the FTC has issued warnings to consumers to avoid them. Earlier this month, the two agencies released a joint warning letter to one website offering fraudulent H1N1 flu supplements. The FDA also maintains a list of fraudulent 2009 H1N1 influenza products so consumers can check out what snake oil is being sold claiming to cure or prevent the virus.

“Products that are offered for sale with claims to diagnose, prevent, mitigate, treat or cure the 2009 H1N1 influenza virus must be carefully evaluated,” said Commissioner of Food and Drugs Margaret A. Hamburg, M.D., in a statement. “Unless these products are proven to be safe and effective for the claims that are made, it is not known whether they will prevent the transmission of the virus or offer effective remedies against infection. Furthermore, they can make matters worse by providing consumers with a false sense of protection.”

Officials warn much of what is being offered online is fake, and even dangerous. FDA evaluation of one such product claiming to be Tamiflu revealed it was only a mixture of talc and generic Tylenol. So other than the obvious possibility of being ripped off, is the chance that the product could be dangerous.

Takeaway: The only safe and legal way to get Tamiflu is to see your doctor

Swine flu cases tripled over night!

The subject itself us usually pretty catchy, said McAfee’s Wosotowsky. When H1N1 first made its appearance several months ago, the commonly-used line was “Obama catches swine flu!” These days, Wosotowsky is seeing spam ploys that tend to prey more on the pandemic implications of the virus, such as “Swine flu cases tripled overnight” or “Help swine flu victims.”

The “interesting news item” is just another common spam scheme criminals use to get your attention. But instead of taking users to a legitimate news story, those that click either find themselves directed back to a bogus drug site, or have malware downloaded onto their computer. This is also a technique that has been employed on Twitter, where bad links have been shortened to obscure their origin.

Takeaway: Resist the urge to click links in emails with swine flu news. Get the latest information about H1N1 off of legitimate news sites or government sites, such as the CDC‘s, which is tracking the viruses spread and has daily updates about vaccine availability.

Searching the term ‘swine flu’ leads to fake AV sites
Now, we did just advise you to do your own searching for swine flu news, rather than trusting unsolicited emails offering you information. But when you Google “swine flu” or “H1N1,” you still need to be careful. That’s because security researchers are seeing more use of shady search engine optimization techniques, which draw users to spoof web pages where malware is downloaded.

PandaLabs, the research arm of Panda Security, recently released a quarterly report on cyber-threat activity and revealed that they have detected a major growth in the distribution of malware through such blackhat SEO techniques, which often exploiting current issues such as swine flu.

If your computer isn’t equipped with one of the many online tools that can determine if a site is risky, you can check out the site’s rating with Google safe browsing. Simply replace “mysite.com” with the site in question. IE: http://www.google.com/safebrowsing/diagnostic?site=itbusiness.ca.

Takeaway: Use care when searching for information about swine flu/H1N1. If it is not a site you recognize in the search results, you should think twice before heading there with out checking out its safety rating first.

Swine flu prevention kits! Medical grade protection!

The swine flu kits that are being sold online and through spam emails are not necessarily harmful, but items in them are of little use in preventing H1N1, according to FDA officials. And even if they are, most can be purchased at hardware, grocery, and drug stores.

Some of the “kits” being sold online include items such as masks, air purifiers, diagnostic tools to determine if you are infected — and even one that is hocking something called “9-1-1 Water.” The kits are being sold for $100 or more according to many search results.

But FDA officials say by buying these kits you will needlessly part with your dollars. And security researchers like Wosotowsky are quick to point out that purchasing a less-than-legitimate product probably means you are dealing with a questionable operation. Do you really want to put your credit information in the hands of a shady company?

Takeaway: The current medical advice for H1N1 flu defense is to practice thorough hand washing and avoid touching your face. And, if there is a miracle product that can prevent H1N1, you can bet you won’t be hearing about it from a spam email.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs