There are few things more appealing to Internet scammers than major news events. When stories emerge — good, bad or sometimes entirely fabricated — scam artists are on-hand to craft legitimate-looking links, Facebook messages and phishing emails designed to draw in users and infect computers. How do companies stay ahead of these cons and make sure networks stay protected?

Skin Game

Last week, news broke that over 100 iClouds were hacked, and nude photos of A-list celebrities like Jennifer Lawrence and Kate Upton were posted on several message boards. According to Infosecurity Magazine, these images have drawn enough interest to grab the attention of cybercriminals, who are now running several new scams.

The first can be found on Twitter in a tweet that contains hashtags with the names of celebrity victims. Along with the hashtag comes a shortened link, supposedly leading the user to an enticing video. In fact, the link leads to a “video converter,” which is nothing of the sort — it’s malware.

Facebook also has a variation of this scam: Users must “share” the supposed video site’s URL before gaining access to the illicit movie. There’s nothing great waiting for those who fall victim — once again, it’s a malicious app looking for a home.

Bad Company

While the top layer of this scam may be new, the infrastructure hasn’t changed. Scammers have been using major news events to grab attention and fool users for years, and because they often succeed, there’s no reason to change tactics.

Consider the recent death of comedian Robin Williams. International Business Times reports that after his passing, Facebook was inundated with messages claiming the actor had left a “final goodbye” video. It was a hoax, of course, but many people looking for some explanation of Williams’ final act were willing to share the bogus message. Their reward? A redirect to paid survey sites that generated income for con men.

In some cases, the news isn’t even real. Guardian Liberty Voice noted that in February, a fake story about bad-boy singer Justin Bieber made the rounds on Facebook, claiming the star had been driving drunk when he hit and killed a seven-year-old boy. The post included what appeared to be a video but was actually a fake “play” button posted over a picture. Clicking the video took users to a fraudulent Facebook-like website that contained a host of links, all of which started a malicious app download.

Safe Haven?

It’s easy to see this as a “personal” problem; what users do on their own time is their own business, right? But according to Forbes, that’s not always the case. Twenty-five percent of working adults admit to looking at illicit materials during work, and 70 percent of all pornography access happens between 9 a.m. and 5 p.m. In other words, employees aren’t afraid to search for naked celebrity pictures at the office, placing corporate networks at real risk.

So do companies cover their technology assets? It starts with a clear use policy coupled with diligent oversight: If users are accessing these materials, consequences must be both clearly defined and immediate. Training is also critical. As noted above, the form of these scams never really changes; major news events will always spawn legitimate-looking Tweets and Facebook posts. If users don’t click and don’t share, then con artists lose their leverage.

Finally, robust application management policies are essential. Companies need to know what apps are on their network, where they came from and what they’re doing if they want to sniff out problems.

Bottom line? No nudes is good nudes.

Image Source: Wikimedia Commons

More from News

Costa Rica State of Emergency Declared After Ransomware Attacks

In late April, after weeks of major ransomware attacks, Costa Rica declared a state of emergency. Newly-elected President Rodrigo Chaves took this measure, usually reserved to deal with natural disasters, to free up the government to react more decisively to the incident. The Russian-based Conti gang has claimed they launched the attack. Meanwhile, the U.S. Department of State offered a $10 million reward for information that leads to finding anyone holding a key leadership role in the Conti gang. The…

Ransomware-as-a-Service Transforms Gangs Into Businesses

Malware-as-a-Service is getting easier and easier to access, according to a recent threat report. Self-named the ‘Eternity Project’, this cyber threat group offers services from a Tor website and on their Telegram channel. They sell a wide variety of malware in an organized fashion, including stealer, clipper, worm, miner, ransomware and distributed-denial-of-service bot services. This alarms many security professionals. With Eternity, even inexperienced cyber criminals can target victims with a customized threat offering. Eternity sells malware for $90 to $490.…

UK Health System Email Accounts Hijacked to Steal Microsoft Logins

Last summer, I noticed password reset notices in my email account that I didn’t send. I quickly realized that I was the victim of an account takeover. This happens when someone illegally gains access to your account, typically through compromised credentials. I changed my email password right away and learned that my passwords to other accounts had already been changed. To make cleanup even more fun, I found out that the attackers had created new accounts using my credentials. Account…

LemonDuck Cryptojacking Botnet Targets API Security Gap

A recent report reveals the well-known crypto mining botnet LemonDuck can target Docker to secretly mine cryptocurrency on the Linux platform. LemonDuck targets Microsoft Exchange servers to mine crypto, escalate privileges and move sideways in compromised networks. It takes advantage of Docker, a mainstream platform used for building, running and managing containerized workloads. Since Docker runs container workloads in the cloud, a misconfigured cloud instance can expose a Docker API to the internet. Attackers can then exploit this API to…