Bad news for some.. good for others..

It’s said that bad news travels fast ! And no doubt it does, but generally it’s the bad guys who catch it first. Whether it is Michael Jackson's death or Swine flu pandemic or France Airline crash, malware authors don't spare anything that they can use as bait. Moment such news is out, the bad guys immediately register fake domain names and using SEO (Search Engine Optimization) attacks make sure that their malicious links are out there.

This time it was rumors surrounding MJ's news that apart from DoS'ing out Facebook and Twitter websites, had malware authors going in a frenzy to capitalize on the shear volume of searches. Once such fake site was soon distributing malware called "Michael-www.google.com.exe" to visitors who browsed that site. Others claimed they had some video showing Michael’s last moments in Life and redirected uses to a link that looked like youtube.com. It then used an old trick of prompting users to install a fake codec (malware) in order to view the link.

[ Fig 1 - Fake youtube website showing MJ's last moments ]

It’s a known fact that malware authors have these so called scripts that keep track of websites such as google trends and as soon as they see a surge in hits on a particular topic, they will register a new domain and start distributing malware using SEO. Now that's some clever scripting !

So folks, be careful and extra cautious when you start searching for any latest ground breaking news on the internet. Do not install any kind of executable or ActiveX or flash kind of component for your browser if you are not sure about the source. It’s better to visit some other link than taking the risk of installing anything on your machine. Some tools (obviously free !) that I would like to recommend to you are some browser plug-ins for Mozilla. This is what I use and it really helps sometimes -

• WOT or Web of Trust Plug-in: This Mozilla plug-in kind of preemptively warns you by displaying a small circle next to the link with various colors for bad or good links on any website.
• FlagFox: This neat utility plug-in will show a small flag of the country to which the website you are browsing belongs too. So next time you get redirected to a Russian or Korean domain you know what to do :)

Apart from that, sometimes Mozilla or google search itself will show a banner informing that the site has been blocked or not safe for viewing. Now, I am not advocating any of this plug-ins to you and neither will I say that these guarantee 100% protection against malware but hey, something is better than nothing ;) !

So here's wishing you a safe & happy browsing.. :) !