The events that happened during the Boston Marathon yesterday were tragic, scary, and unnerving. As technology improves, the amount and quality of evidence and content that is produced during these types of events continue to increase. It’s times like these where we all drop what we’re doing and tune in to the world around us. Exchanges on news sites, social media, and email immediately start happening to distribute the most up-to-date information.
Sadly, this creates an opportunity for attackers in the digital world as well. With everyone scrambling for more information, the success rate of a phishing attack at this time can skyrocket. As emotions are high, people are more likely to click links, for example, which may lead to sites with malicious software. A link can be presented as having different statistics, video footage, photos, or interviews to entice people to view them. In order to see the latest video footage, people who may ordinarily think twice about such an action quickly install the necessary “plugins” or software to view the video. At this point they may find that the video doesn’t actually seem to work; however the damage has already been done and the attackers have gained access to their computers. Additionally, another common scenario seen during the aftermath of such events is that websites are set up to accept donations via credit card for those affected by the tragedy. These are meant to look and feel similar to legitimate websites which also take donations to help victims, such as that of the Red Cross.
Distribution of these phishing attacks can easily be performed by including a simple hashtag in a tweet or posting a comment on a popular news article. During times like this it is important to stay cautious online and keep your guard up. Staying informed and following breaking news during tragic times is important; however be mindful of where links and media are coming from. Your best bet is to stick to getting news from major media sources and make sure that any donations you may be making to aid the victims of this tragedy are legitimate by checking other online sources such as Charity Navigator.
Co-authored by Brandon Knight and cross-posted from SecureState.