Just hours after the death of pop star Michael Jackson, security vendors were tracking attempts to cash in on the event by spammers and malware writers.
In a blog posting by security firm Sophos, the firm reported the first wave of spam messages "employing the sad news in the subject line and body part to harvest victims’ email addresses".
The message sender claims to have information about Jackson's death that they want to share with the recipient. Although the body of the spam message does not contain any URLs or other call-to-action links, if replied to it will allow the spammer to harvest the user's email address, said Sophos.
Rik Ferguson, senior security adviser at vendor Trend Micro, warned that any event of this magnitude would be expected to generate significant amounts of spam and malware.
"It always does – it happens with any newsworthy event, joyous or tragic, and Jackson's death is probably up there with Elvis," he said.
"We fully expect to see black hat SEO [search engine optimisation] activity and significant spam runs using the news as bait, because people are hungry for details."
Black hat SEO manipulation attacks were launched soon after the death of actor Heath Ledger, and have already been seen since the death of actress Farrah Fawcett was announced.
They involve hackers disguising malicious links as URLs to legitimate sites containing news about a high-profile event in order to push the results higher up the search listings.
"Hosted on is-the-boss domains (last seen in the H1N1 black hat SEO attack), the links that come up in search results redirect to other URLs that eventually land on all-too-familiar territory: a rogue antivirus download," said Trend Micro's Macky Cruz, in a posting on the Trend Micro blog.
"Users are advised to exercise extreme caution in searching for related news and information surrounding the deaths of these celebrities."
However, some have accused the security vendors themselves of using the news for their own benefit.
“Most internet users are intelligent enough to know that this is spam," argued Rakash Gupta, chief executive of PineAppUK.
"It is the industry’s responsibility to provide sensible, intelligent advice that allows computer owners to accurately assess their risks. With the right solution in place, security is not something to be afraid of. Yet again we urge the industry to stop the gimmicks.”
Michael Jackson's death sparks massive spam runs
By
Phil Muncaster
on Jun 27, 2009 9:57AM

In The Spotlight
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content

Promoted Content
How to prepare for the increasing demand for cloud-ready partners

Promoted Content
Why rock-solid MSPs services require unified infrastructure monitoring

Promoted Content
Tradewinds has turned unified communications into an easier upsell

Promoted Content
Is business nbn Enterprise Ethernet the future of business connectivity for MSPs?

Promoted Content
Microsoft, Yealink and Alloy’s roadshows fire up the Australian channel