14 DAY TRIAL // After the royal baby was born, security experts warned that cybercriminals would likely leverage the topic in their malicious schemes. ThreatTrack Security has already spotted a malware attack that relies on emails entitled “The Royal Baby: Live Updates.”
Many people are eager to learn more about the royal baby, and websites that promise live updates on the subject are a great resource. However, internauts should make sure they only visit trusted news sites.
The malicious emails spotted by ThreatTrack Security read something like this:
“The Duke and Duchess of Cambridge have welcomed their first baby — a son and a future heir to the British throne — into the world. CNN has all the latest details of this momentous occasion.
Follow our live blog as we continue the baby watch with CNN’s reporters out in the field. And while we wait for news of the royal arrival’s name and his first appearance before the world’s cameras, you can catch up with the latest features, interviews, videos, interactives and more.
— Watch the hospital-cam (Note: This link will go down briefly when anchors and reporters are live on air on CNN. We will bring it back as soon as we can.)”The link in the email might appear to point to a genuine CNN website, but it doesn’t.
Instead, users are taken to a BlackHole exploit kit website that’s set up to push a shady Flash Player update. When executed, the software update unleashes a variant of the notorious banking Trojan known as ZeuS.
The bottom line is that you should beware of such emails, even if they appear to point to legitimate websites, or if they appear to come from people you know and trust.