Singers Madonna and Rihanna, vectors of success for aggressive spam campaigns
SYDNEY & AUCKLAND – October 23, 2012 – A new illicit email campaign using celebrity names such as Madonna and Rihanna, that is also spreading in Australia, infects computers with malware and recruits users into rapidly growing botnets, according to Bitdefender, the award-winning provider of innovative antivirus solutions.
Rihanna, the 7th most popular celebrity in Australia this year with 301.000 local monthly searches according to a Google search tool, and Madonna, who ranks 19th with 135.000 searches a month, are used as baits to make users click on malicious websites hosted on Russian domains.
Opening the link infects vulnerable users with malware that steals their private data and places their computers in the hands of the attackers. Users then spread malware themselves as their computers are taken over by a command-and-control server, and become zombies in a botnet, or illegal collection of infected computers controlled by cyber-criminals.
“Clicking on an email that contains names such as Pink, Justin Bieber or Rihanna definitely poses a degree of risk,” said Bitdefender Chief Security Strategist, Catalin Cosoi. “The risk is even greater when the celebrities named in the email are the subject of a recent scandal or some other big news. Scammers are constantly following stars and trends to figure out what people most want to read about, then they serve it to them, laced with malware.”
In the latest malware campaign using celebrity names, subjects such as ‘FWD: Best of Madonna’ and ‘Justin Bieber fan’s suicide’ lure users to malicious Russian domains or fake Canadian pharmacy sites. To make the Rihanna scam seem like a commercial for one of her famous hits, cyber-crooks included the word “Umbrella” in spam messages. They also used her name in emails allegedly coming from LinkedIn. The same campaign takes advantage of other celebrities such as English singer Adele, ranked 8th in the most popular Australian celebrity searches.
For more information on the latest social media scams using celebrities, see HotForSecurity.