16 March,2011 07:07 AM IST | | Shashank Shekhar
From fake links to phishing mails, cyber criminals are leaving no stone unturned to exploit the catastrophe
More than six thousand kilometres away, Jisbin Matthew had no idea that Japan's date with nature's fury would kindle his own personal tragedy. Matthew was looking for unseen videos of the earthquake and tsunami when the Gurgaon resident fell prey to cyber criminals.
Matthew, who works for an international bank, was shocked to notice that after clicking on a certain video link his system crashed and he could not access his emails. "There was a link which said 'amateur never seen video' and when I clicked on it, after a few minutes my computer shut down.
Riding the wave:u00a0 A videograb of the Japan Tsunami.
(Insert) Jisbin Matthew was tricked by cyber criminals cashing
in on the tragedy. Pic/Mid Day
I took it to a friend who works in the technical support department of an MNC and he told me that I had become a victim of a cyber attack," he said.
Even cyber crime experts have confirmed that within hours of the tragedy, malware writers had started creating scripts and infected links related to earthquake and Tsunami in Japan.
"Cyber criminals are very smart. They pick up news very quickly and in case of a Japan it took them hardly a few hours.u00a0 We knew that they would try to cash in on this tragedy, but these links started appearing in a record-breaking timeu00a0- less than three hours after the earthquake," said Vivek Vohra, a Delhi-based ethical hacker.
Even social networking websites, which helped in passing on updated information during the calamity, have become a new arena to spread malware. Sites like Facebook and Twitter are being used by cyber crooks to collect information, when users click on a link, posing as video footage of the tsunami that struck the eastern cost of Japan on Friday.
Cyber security companies have confirmed the modus operandi. Trend Micro spotted numerous domains, URLs that have been registered but had zero content, with keywords like 'help', 'earthquake', 'Japan', 'Tsunami', 'Relief' and 'Donations' included in their titles.
Trend Micro reported on one phishing site that had 'Japan' in its URL, saying that the site was harvesting email addresses and other personal information from unsuspecting users. "Internet users have to be very careful when clicking on links regarding the latest earthquake in Japan.
We have already seen fake donation sites, spam, and FakeAV-related Search Engine Optimisation (SEO) poisoning attacks using this event as a social engineering tactic and their number is still increasing. Users who really want to make a donation should ensure that they do so only on trusted sites," said Amit Nath, Country Manager India and SAARC, Trend Micro.
Stay safe
If you are online, these are some points you must keep in mind in the aftermath of Japan's tragedy:
>>u00a0Take care when searching for news about the disaster. Hackers often poison search engine results to exploit breaking news, in order to spread malware. Visit legitimate news websites only.
>>u00a0Make sure to donate via legitimate charity websites. In the past, scammers have often taken advantage of a natural disaster. This not only benefits criminals, but deprives the people who need financial support the most from receiving charitable donations.
>>u00a0Be cautious of links which offer you dramatic video footage of a news story. Malicious hackers and scammers know that the public finds it hard to resist clicking on such links and plant malware within them.
