Hurricane Sandy is one of the biggest storms to ever hit the East coast of the United States in years. Cyber criminals are duly taking advantage of the massive number of people who are keenly following the related news updates. It is a sad state of affairs that such events often lead to several cases of cyber crime as attackers start devising ways to manipulate interest in order to dupe people.
We are expecting to see a large number of fake Facebook scams, Twitter feeds, email chains, Youtube videos and infected websites to break out. A few of these scams will offer to show unseen footage, some will ask for donations for relief and charity organizations and others will simply direct innocent users to a malicious page carrying dangerous malware.
Attacks in the form of SEO poisoning are also cropping up. SEO poisoning, or black-hat SEO, is a technique where attackers study the latest trending topics over the Internet (news related to Hurricane Sandy, in this case). They then start creating malicious pages or websites that feature high in search engine results, using Search Engine Optimization (SEO) techniques. This starts directing people to malicious pages which can then lead to infection via malware, trojans, spyware or adware. Some conniving websites are also capable of successfully phishing personal information out of their victims. Naturally, machines that do not have the best virus protection software are going to be more vulnerable to such attacks.
These methods of social engineering are inevitable and we advise people to not fall for them. Do not visit unknown websites when you search for news about Hurricane Sandy. It is better to stick to reputable websites that you are aware of. Moreover, if there are suspicious looking links and videos in your Facebook news feed, or other social media platforms and your email, do not click on them. Learn how to recognize fraudulent phishing URLs to avoid falling for fake links. If you are planning to make a donation to a charity for this cause, ensure that you visit the genuine website and are not simply following a fake link from a message that you received. Keeping these reminders in mind is sure to help users avoid these attacks that will be looking to exploit the worldwide interest in Hurricane Sandy.