Royal baby and Spain train crash become targets for scammers
Links to fake news reports being delivered to inboxes.


Two of the biggest news stories of the past week the birth of Prince William and Kate's first baby and the death of 78 passengers in a high speed rail crash in Spain have been turned into phishing emails by cybercriminals.
Chris Boyd, a researcher with ThreatTrack Security, said his company had detected a royal baby scam within 24 hours of the prince's birth.
It is unlikely that reputable news agencies will send unsolicited email.
The phishing email purported to contain a link to a CNN live blog and video on social engagement platform ScribbleLive.
However, if users click the link it would take them to a compromised website where the Zeus and Medfos Trojans would be downloaded onto their computer.
Another cyber security firm, Websense, found a malware-laden royal baby email scam, which claims to have an image of Prince George Alexander Louis attached.
If users open the image' they will in fact unleash a malicious binary programme that will result in further malware being downloaded onto their computer.
CNN is also the foil used in the Spanish rail disaster phishing email detected by security outfit Dynamoo.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Strangely, the email subject is once again about the royal baby, but the from' field and email content all refer to the train crash near Santiago De Compostella in Galicia, Spain.
Users are encouraged to click a link in order to read the full CNN report and an accompanying video. This time the link leads to one of approximately six hijacked GoDaddy domains and malware will be downloaded onto the victim's device.
Websense advises "should you receive any email news alerts or unsolicited messages regarding topical events, be sure the message is legitimate before clicking any links or downloading any attachments. It is unlikely that reputable news agencies will send unsolicited email, and, therefore, any unexpected message should be treated with caution."

Jane McCallion is Managing Editor of ITPro and ChannelPro, specializing in data centers, enterprise IT infrastructure, and cybersecurity. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly