November 6th, 2008

Obama-mania gives cybercriminals an opening

Posted by Richard Koman @ November 6, 2008 @ 9:24 AM

Categories: Cybercrime, Government technology, Obama

Tags: Malware, E-mail, Online Communications, Richard Koman

Here’s another implication of the Connected President: malware authors see a huge opportunity to infect computers. Ben Worthen blogs at the Wall Street Journal that millions of emails went out Wednesday inviting people to click on a link to watch an “amazing” Obama speech.

The email directs you to a site deemed America.gov, which apparently is meant to be a State Department site, and includes a message to download “Adobe Flash,” in reality a piece of malware, to view the speech. (Of course, the current State Department wouldn’t be hawking Obama speeches and any such PR would be the job of a White House site, not State.)

Tech-security company Cloudmark has seen more than 10 million of the fake Obama emails over the last few hours. Sophos, another tech-security company, says that the email accounted for 60% of all malicious junk messages Wednesday. Cyber criminals often peg their attacks to current events – the collapse of the stock market, for example, or anything Paris Hilton does. But the amount of Obama-themed messages has surprised even security researchers.

Exactly because Obama has used email so pervasively – towards the end it wasn’t uncommon to get five emails a day from the campaign – supporters are especially at risk of letting down their guard and clicking blithely away.

Perhaps because he will perceive safe communications with citizens as critical, Obama’s tech advisors will take the lead in moving the industry towards some form of secure email standards?