YOU ARE HERE: LAT HomeCollections

Cyber-criminals prey on public's fascination with Bin Laden's killing

Facebook and Google users are falling prey to posts that claim to offer images of the dead terrorist leader but instead trick them into downloading malicious software and spam or re-posting the phony link to their profiles.

May 03, 2011|By David Sarno and W.J. Hennigan, Los Angeles Times

The online interest in Osama bin Laden's death has attracted numerous cyber-scammers who are baiting Facebook and Google users by claiming to offer pictures of a deceased Bin Laden.

But when users click on the links, expecting to find a shocking video, they are instead treated to malicious software, spam or a trick that re-posts the phony link to their own profile.

"The reported death of Osama bin Laden is just too good a lure for cybercriminals and scammers to pass up," McAfee Inc. security researcher David Marcus said in a blog post.

No official photos or videos of Bin Laden's body have been released. So consumers in search of such images should be careful.

Some Google searches related to Bin Laden direct users to Web pages offering malicious software, said Chester Wisniewski, an advisor at the online security firm Sophos. The bad links falsely alert users that their computer may be infected and that they should download virus-scanning software. That software is often itself a virus.

One Facebook post appearing to be from the BBC trumpeted a link titled "Osama bin Laden Killed (LIVE VIDEO)." When clicked, the link takes the user to an outside page resembling Facebook, where the user is asked to enter a verification code. When the user submits the code, the phony BBC link is then posted to the user's Facebook account. Such links have spread widely on the social networking service.

"The bad guys were quite fast," wrote Fabio Assolini, a researcher at Kaspersky Lab, another cyber-security firm. They "started to poison searches results in Google Images" right away.

Anyone searching for pictures of the dead Bin Laden could be offered images linked to insidious sites, which could again solicit users' credit card numbers or try to get them to download infected software.

Scammers frequently prey on Web surfers after big news events.

When a massive earthquake and tsunami hit Japan in March, scammers went to work setting up websites, emails, pop-up ads and other ways to steal money intended for victims of the disaster, McAfee said.

Web surfers should look closely before clicking on anything unusual or unbelievable. Hovering the mouse cursor above a suspicious link will display the underlying Internet address: if you've never heard of that site, or if it has a name different from what the link purports to be, don't click.

Los Angeles Times Articles