October 5, 2011

First Wave of Halloween Scares


Halloween is just around the corner, and, as expected, malware authors have already concocted a brew of early scares: blackhat SEO, fake Adobe Flash notification, and a malicious file download. 

We start with the search term "halloween skeleton templates," which brings up a poisoned search result. The link redirects users to what appears to be a fake YouTube site.


The fake YouTube site uses nude images of celebrities like Emma Watson and Paris Hilton as a ploy. These, along with salacious captions, are meant to entice users into playing the apparent video.  When users click any of the links on the page, they are prompted to update Adobe Flash Player. 


Users who fall for the trick are prompted to download a malicious file called scandsk.exe, identified by 15/43 VirusTotal engines.


Websense Web Security customers are protected against this attack through our Advanced Classification Engine.


Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

Read more articles by Forcepoint

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.