Every once in a while a rash of bad choices will remind us to remind our clients and our readers to be security aware when surfing the web. The most recent example took place this past weekend when someone posted a fake death notice for Johnny Depp stating that the actor had befallen an untimely demise by crashing his car in Bordeaux, France. It was intended as a prank and had no malicious motives.
However, the site that was posting the information was designed in a very realistic CNN theme. This became too much temptation for virtual sewer-dwelling scum, and it wasn’t long before the bad guys had capitalized on the opportunity.
WHAT THEY DID: The aforementioned sewer scum copied the site and page delivering the prank news and they turned it into a video graphic…not an actual video, but a graphic that made it look like a clickable video. When a user clicked the video, they were prompted to install an ActiveX control. Unfortunately though, it wasn’t an ActiveX control, it was a Trojan Horse designed to harvest identity information of the computer’s owner.
So once again, because it can never be said enough, be careful when you are surfing. Do your best to uncover the true identity of the website. Just because it looks like CNN doesn’t mean it is CNN. If the website name is www.CNN.not-really.hackers-for-hire.com, then guess what. And always take a second look before clicking anything.
There is a good primer on how to determine the true identity of a website in a newsletter article we had sent out previously. You can read it here. If you enjoy the article and would like to read more, you can browse all of our newsletter archives. Or you can subscribe to the newsletter.
P.S. If you have come across any virus traps out in the wild, tells us about your experience by posting your story in the comments section below.