Growing threat of General Election-themed spam in the run up to the UK election

22 April 2010

The forthcoming UK General Election on May 6th 2010 has already been dubbed the ‘Digital Election’ in light of the unprecedented use by all the political parties of online tools such as email, viral videos, social networking, blogs and mobile applications. However, the high degree of legitimate and safe online campaigning has also given rise to increased malware and unsolicited messaging falsely claiming to be from the political parties, or falsely claiming to contain election-related news, information, web sites and marketing material such as viral video campaigns.

“Users need to be extremely vigilant over the coming weeks as malware distributors and spammers look to capitalise on election interest to spread malicious code, links to infected web sites and unwanted email marketing spam,” said Tom Kelchner, threat research manager at Sunbelt Software.

In addition to ensuring all your PCs have an up-to-date PC security software such as antivirus, firewall and antispam applications installed, users need to remain vigilant and careful when visiting any web sites or handling email from unknown and untrusted sources, even if they appear legitimate on the surface.

“The parties are already sending a large volume of legitimate marketing email in the names of David Cameron, Nick Clegg, Gordon Brown and others. If spammers do likewise, unsuspecting users could be duped into opening unwanted, or potentially harmful emails and attachments instead of a harmless election communication,” Kelchner added. “It is essential that users check what they are opening beforehand and treat all election themed online material as a potential risk, otherwise the election could provide more than just a surprise on polling day.”

Users should look out for the following potential threats and follow these guidelines to keep their computers and data safe:

* Malware carried in email spam and fake web sites: As with any prominent news event, users can expect spam email that will look like party or candidate appeals or news updates, but instead carries links to malicious sites which download rogue security products and malware. Email users should think twice about clicking on any links from unknown sources. Always hover over embedded links to see the address before clicking on them.

* Search Engine Optimisation poisoning: There will be numerous “top” stories in the next few weeks, including polling results and extensive discussion of the possibility of a “hung” parliament. Search engine results will be targeted and poisoned to include links to malicious sites which peddle rogue security products, online pharmacy scams or download botnet infections. Users should read web address before clicking on them, and consider obtaining their news only from trusted sources such as the BBC, The Guardian, The Daily Telegraph etc. Spamblogs – rogue blogs used to promote affiliated web sites, to increase the search engine rankings of associated sites or to simply sell links/ads − will also be out in full force and trying to capitalise on election interest.

* Hacked party web pages: Several political parties have had their sites hacked and defaced over the years, and the General Election provides a focal point for renewed efforts to deface a site in front of an increased worldwide audience. Past actions have just involved rude and crude messages being placed on the homepage, but an escalation will likely see infected code being integrated into an otherwise harmless and legitimate web site.

* Fake web sites: Alongside hacking the real site, we are seeing an increase in fake sites, forming part of an overall phishing attack. These fake sites can be used to harvest personal and financial information, as well as spread malware through infected downloads, banner ads and page code.

* Facebook, Twitter and blog comment spam: Social networking sites and services offer rich possibilities for the distribution of malicious URLs leading to download sites. Check any shortened URLs with LongURL to see where they actually lead. Be cautious where YouTube videos are concerned – threats could range from relatively harmless survey spam to infected downloads or phishing web sites.

Sunbelt Software recently released VIPRE 4, a major evolution of its performance-optimised anti-malware technology for consumers and enterprise users. VIPRE 4 brings together a powerful new firewall, Host Intrusion Prevention System (HIPS) and Intrusion Detection System (IDS) functionality, along with an entirely new framework for managing enterprise endpoints. The latest version maintains Sunbelt Software's intense focus on performance and customer experience and is the key foundation to Sunbelt Software's anti-malware strategy.

Print version | email this to a friend Email to a friend | View other articles