Someone came to me yesterday worried that their computer was infected with viruses. It wasn't, but they had almost been victimized by a scam that piggybacked on the disaster in Haiti. As they say, no good deed goes unpunished.
Having heard that donations to Haitian relief could be made with a simple text message, this person did a Google search for "Haiti texting". The first results page included a link, shown below, that looked promising.
The actual link was
http://sciencefirst.com / ? q = texting-haiti-to-90999
Spaces have been added to the link above so that this page isn't considered malware.
At this point, a skeptical person would ask, who or what is sciencefirst.com and what do they have to do with Haitian relief?
Nothing, it appears. The website seems to have been hacked.
And they are not alone.
Note in the search results (larger image) that below the link to sciencefirst.com is one to sevencycles.com a company that sells custom built bicycle frames. They too, appear to have been hacked.
Both URLs end with the same query string, "texting-haiti-to-90999", and, interestingly, the web page was updated 15 hours ago (the screen shot was taken Thursday January 14th around 10PM ET) exactly the same time that the sciencefirst page was last updated.
When the good Samaritan clicked on the link to sciencefirst.com, a warning appeared on their computer that it was infected with viruses. At this point, I was called and suggested they shut down the computer immediately. No surprise, the warning turned out not to be true.
I've always argued that skepticism was the most important thing anyone needed for Defensive Computing. This was certainly true in this case as a number of website evaluations gave sciencefirst.com a clean bill of health. Only skepticism prevented a malware infection.
You may notice the green circles in the Google search results. These are from Web of Trust and indicate its opinion on the safety of the website. The hacking of sciencefirst.com was too recent for anyone to have reported it to WOT.
So guys beware of websites you are visiting.
No comments:
Post a Comment