Security Firms Warn Of Royal Wedding Malware

Spammers and hackers are jumping on the royal wedding bandwagon in order to make some quick cash

Security experts are warning that some cyber-criminals are seeking to exploit public excitement ahead of the royal wedding on 29 April, unleashing an array of malware campaigns including phishing and spam emails.

Security firm Symantec has uncovered a number of scam email campaigns offering royal wedding memorabilia, including a replica of Princess Diana’s engagement ring, limited edition Buckingham Mint commemorative coins, and customisable mugs and t-shirts. Links in the emails redirect the user to a spam product site.

Spam and Black Hat SEO

Furthermore, Symantec warns that black hat SEO techniques are being used in “fake” pages to lure people looking for news related to the royal wedding. At one point, a search for “william and kate movie imdb” returned 61 malicious links in the first 100 search results, the security firm said.

Other search terms currently returning poisoned links include “william and kate movie cast”, “royal wedding guest list bush”, and “princess diana death facts”.

“We have seen over 500 compromised sites being used in this campaign over the past few days,” said Symantec’s Suyog Sainkar in a blog post. “Attackers create multiple fake pages on each site and use unethical SEO techniques – such as keyword stuffing, cloaking, and link farming – to ‘game’ the search engine algorithms to achieve high search engine rankings.”

Meanwhile, a poll conducted by security firm Imperva at this year’s Infosecurity Europe revealed that 38 percent of security professionals have witnessed the royal nuptials being used for malvertising. Over a third have seen wedding-related spam and 20 percent have seen incidents of search engine poisoning, the company said.

“Everyone loves a good wedding and it appears hackers are no different,” said Imperva’s CTO Amichai Shulman. “While we’re not surprised by the results it is worrying that criminals are systematically jumping on every opportunity to illegally make money by identifying, and utilising, revenue generating opportunities that utilise stolen credentials or inject malware.”

“The royal wedding is another reminder that organisations need to be vigilant to hosting phishing sites and act promptly to take them down if non-security savvy individuals are to be protected,” he added.

Imperva advises Internet users to ensure their computer’s security software is up to date and refrain from responding to emails from people they don’t know offering leaked information or sharing secrets from someone “close to the happy couple”.

Opportunistic scams

Email scammers are increasingly using such high-profile events to target victims. Previous phishing scams have addressed news items such as the volcanic ash cloud and the Haiti earthquake – where phishers got four million downloads in ten days – and the launch of the iPad.

Earlier this year security services firm Webroot warned that UK citizens in a hurry to get their tax returns in before the final deadline were in danger of falling for email phishing scams, which await these vulnerable users.

Although most people are wise to such scams, enough still succumb to make it worth the villains’ while, said Greg Day, director of security strategy for McAfee in EMEA, speaking to eWEEK Europe last year.