South by Southwest the Latest Target of Cybercriminals

Online crime is evolving, and cybercriminals have recently shifted their sights to South by Southwest 2011—an internationals music, film, and interactive conference. While fans look up names of artists and news around the event, online criminals are building fake websites and trying their hardest to lure unwitting users with their tricks.

“Whenever there is a big event that generates a ton of Internet activity, something like South by Southwest, the cybercriminals are smart enough to know that is an opportunity for them to target people with very specific scams,” said Eric Klein, Senior manager for online strategy for security company PC Tools, in a phone interview.

There are a handful of devious methods showing up, using various ploys to fool users into giving up their credit card number or downloading malware that will cause harm to their computers.

The real difference with the current attacks, however, is that the criminals are buying advertising and are tailoring their websites to appear among the first results on search engines. The sites are also disguised to look legitimate. This means that users looking for information on their favorite artist can easily be duped by their scams.

“It’s almost like the equivalent of the old mafia, where they’re trying to cover up their criminal activities by making it look legitimate,” Klein said. “These guys are actually spending money in Google search and Yahoo search, like any other marketer would, to get ranking for their scams.”

PC Tools found similar incidents during the Superbowl and with big movie releases including the “Harry Potter” and “Twilight” films. “Any time there is going to be a flood of Web interest—people looking for content, people looking for dates—we always see a spike in more targeted threats. South by Southwest is the latest example,” Klein said.

According to Klein, this ties into the new direction online crime is taking. While criminals in the past focused most of their efforts on disrupting websites and crashing computers to gain attention around their viruses, today’s criminals are focusing on social engineering scams to fool as many people as possible into buying their services and accidentally passing the scam to their friends.

“I think the signs that these threats are giving us are getting more alarming because the criminals are getting much more sophisticated and tricky with the way they’re presenting these scams to customers,” Klein said.

The current vulnerabilities that were found include fake music downloads that will secretly rope users into paid subscriptions, fake virus alerts that get users to download malware disguised as anti-virus software, viruses hidden in images that will automatically download if a user clicks on them, and fake contests using ploys like “Take this quiz to win an iPad,” or “Enter to win a contest,” according to research from PC Tools.

Users can avoid these scams by restricting their financial information to websites they know they can trust, being careful what they download, and not falling for fake contests. Klein also recommends using anti-virus software with behavioral detection that can pick up on shady activities taking place behind the scenes on the Web.

“What has really happened is the threat has evolved, and it’s actually more important than ever that people stay safe while searching online and they’re not just clicking on everything that comes up on their screen. Because there is still a real chance that they could put themselves at risk,” he said.