General14.12.2010

Wikileaks: a new playground for cyber-criminals to lure in unsuspecting users?

– A Cyberoam Security Alert on the unfolding saga of the whistleblower website

As the controversial website Wikileaks renews the age-old debate between “free speech” and “government censorship”, the knives are out in full view of the print, electronic and online media. In view of current developments, the security player Cyberoam is anticipating cyber-criminal attempts to imitate Wikileaks so that they can target Internet users with phishing fraud, malware infections and more.

It’s not very often when we get to see so much global attention poured on the topic of free speech. The official arrest of Wikileaks founder Julian Assange has already led to an unprecedented war of words and reciprocal cyber-attacks between hacktivists and the government/corporate machinery. Presently, if one had to capture the shared sentiment of a growing multitude of Wikileaks backers, they would happily donate money to keep their favourite website alive.

This is where lies a great opportunity for your regular band of cyber-criminals. While a few of them could possibly empathise with the whistle-blowing fugitives, a good majority of cyber-criminals only intend to ride on the current level of interest on Wikileaks to target unsuspecting victims through spam, email click-frauds, phishing attacks and more.

Internet users are hereby advised to exercise caution while dealing with any purported communication claiming to be from the website. Here are three important tips on protecting yourself from these online scammers.

Beware of “donation” requests: As VISA, Mastercard and online merchant gateways such as Paypal continue to tighten their screws on funds transfer to Wikileaks, there is a possibility of scam emails requesting credit card-holders to send money to anonymous “agents” working for the benefit of the website.

Scammers will take advantage of the fact that merchant gateways have already blacklisted key Wikileaks recipients, which gives an added reason for would-be donors to trust these anonymous “agents”. Such scam emails may mirror everything from the lay-out of Wikileaks to the contact details of key people associated with the site.

Don’t click on suspicious URL links: Some of the URL links on spam messages can possibly install malware on the user’s computer or hijack browser sessions with rootkit functionality. Having your computer experience slow downs, frequent reboots and disappearing files because you wanted to experience the fun side of Wikileaks is not a very good bargain!

Watch out for attacks from social networking platforms: Social networking websites such as Facebook, LinkedIn, etc. thrive on a false notion of trust users place in the network which can become a breeding ground for malware. Moreover, cyber-criminals are often more adept in leveraging social networks to enticing users to click links, install unwanted applications while escaping the radar of security investigators.

Sign up to the MyBroadband newsletter