Royal baby and Spain train crash become targets for scammers


Two of the biggest news stories of the past week the birth of Prince William and Kate's first baby and the death of 78 passengers in a high speed rail crash in Spain have been turned into phishing emails by cybercriminals.

Chris Boyd, a researcher with ThreatTrack Security, said his company had detected a royal baby scam within 24 hours of the prince's birth.

It is unlikely that reputable news agencies will send unsolicited email.

The phishing email purported to contain a link to a CNN live blog and video on social engagement platform ScribbleLive.

However, if users click the link it would take them to a compromised website where the Zeus and Medfos Trojans would be downloaded onto their computer.

Another cyber security firm, Websense, found a malware-laden royal baby email scam, which claims to have an image of Prince George Alexander Louis attached.

If users open the image' they will in fact unleash a malicious binary programme that will result in further malware being downloaded onto their computer.

CNN is also the foil used in the Spanish rail disaster phishing email detected by security outfit Dynamoo.

Strangely, the email subject is once again about the royal baby, but the from' field and email content all refer to the train crash near Santiago De Compostella in Galicia, Spain.

Users are encouraged to click a link in order to read the full CNN report and an accompanying video. This time the link leads to one of approximately six hijacked GoDaddy domains and malware will be downloaded onto the victim's device.

Websense advises "should you receive any email news alerts or unsolicited messages regarding topical events, be sure the message is legitimate before clicking any links or downloading any attachments. It is unlikely that reputable news agencies will send unsolicited email, and, therefore, any unexpected message should be treated with caution."

Jane McCallion is ITPro's Deputy Editor, primarily covering security, storage and networking for ITPro, CloudPro and ChannelPro.

Jane joined ITPro and CloudPro in July 2012, having previously written freelance for a number of business and finance magazines. She has also covered current affairs, including the student, public sector workers and TUC protests and strikes in central London while studying a Masters in Journalism at Goldsmiths, University of London.

Prior to becoming a journalist, Jane studied Applied Languages at the University of Portsmouth.