Security Watch | Matt Hines » California fires, heated politics stoke online schemes

October 25, 2007 | Comments: (0)

California fires, heated politics stoke online schemes

TAGS: Security

Websense PR chief Cas Purdy sent along details of the security vendor's experiences this week as the wild fires raged across Southern California and around its San Diego headquarters.

Along with some other personal stories and images shared by friends in San Diego, it sounds like it was a pretty hairy week for a lot of people in the area, if not at least a very stressful time for an even greater number.

Websense's headquarters is located in an area that was never evacuated, and Purdy said that the company leaned on procedures it installed after another set of serious fires touched the region in 2003 to keep everything running smoothly throughout the week.

The company let its employees work from home after the incident began to widen rapidly on Tuesday, Purdy said, and redundancy plans installed after the 2003 fires handled any related shifts in technical and customer support operations. The vendor also maintains worldwide data operations in the name of providing failsafe services to its customers, he said.

Alas, Websense also points out in a blog today that online scammers have already begun focusing their sites on the California fires.

The company specifically pointed out that a number of seemingly questionable eBay auctions have been set up in the last two days by people asking for donations and claiming to represent various public agencies, including local fire departments and the Red Cross.

At least one auction posting out of Brooklyn, N.Y., Thursday afternoon advertised bids in support of a poorly-described effort pledging support for children affected by the fires. However, the seller listed in the eBay auction has carried out some 200 transactions in the last year, with a near-perfect user experience rating -- pointing to either a misunderstanding, or a hijacked eBay account being used to carry out the campaign.

Websense merely points to a similar ad and warns people to keep their guard up when looking to donate through legitimate channels.

In another interesting twist on the headline-chasing trend among malware, spam and online scam brokers that has helped power the Storm Worm into what by most estimates was once or remains a titanic Trojan-fed P2P botnet -- researchers at AV software maker F-Secure unearthed some nasty politically-fed attacks in Africa this week.

In an attack that the Finnish firm discovered in Kenya, it appears that someone is trying to discredit one of the East African nation's current presidential candidates, Stephen Kalonzo Musyoka -- a former foreign minister in the Sub-Saharan country, using a malware program advertised in his name that damages end users' Windows-based computers.

After luring people to download the program with a Windows-style pop-up that references the candidate's "vision" -- the Trojan, dubbed by F-Secure as Trojan:W32/Agent.DPL -- directs an affected computer's browser to the candidate's official Web site while simultaneously hacking the machine's Window's registry.

Once the program has infected a PC, the user is unable to locate Windows functions via the taskbar controls. According to researchers at F-Secure (who most certainly must be celebrating the F1 automobile racing championship of countryman Kimi Raikkonen, the third such Finnish driver to win the illustrious title) it is likely that some opponents of Musyoka have launched the attack to cut into his overall credibility.

The social and physical fires that burn around the world clearly continue to provide ample fuel to stoke the fires of online deceit.

Posted by Matt Hines on October 25, 2007 03:56 PM

RATE THIS ARTICLE: