Jackson's Death Spawns Online Scams

SAN JOSE, Calif. - Minutes after any big celebrity dies, Internet swindlers get to work. They pump out specially created spam e-mails and throw up malicious Web sites to infect victims' computers, hoping to capitalize on the sudden high demand for information.

Michael Jackson's death was no different, and security experts say the fraud artists are just getting started.

The scams started cropping up almost instantaneously as Jackson's death was still hitting the news. As days have gone by, they've gotten more sophisticated -- and dangerous.

Jackson's death "took a lot of people by surprise -- the spammers, too," said Dermot Harnett, principal analyst for anti-spam engineering at Symantec Corp., a security software maker. "It might take them some time to really pounce on this issue. They are catching up pretty quickly, though."

Any major world event, such as the recent protests in Iran, triggers a barrage of Internet attacks. Security experts say the malicious traffic associated with Jackson's death will likely match and perhaps exceed those of other big spamming campaigns, such as those connected with the swine flu outbreak and Saddam Hussein's execution.

Spam is the most common way for fraudsters to find victims after these types of events. They can use a shotgun approach with a boilerplate message about Jackson, taking advantage of people's interests in the topic to improve their batting average over their usual spam campaigns.

By enticing users with such messages and tricking them into clicking on e-mail attachments, scammers can easily infect victims' computers and take command of them for more nefarious activities.

The spam about Jackson's death gets more convincing every day.

One message promises a YouTube video showing the exclusive "last work of Michael Jackson." Instead, victims get a malicious program that steals their passwords. Another promises to show the "latest unpublished photos" of Jackson if you click on a link -- one that also tries to install a password-stealing program on your machine.

Others purport to be from legitimate news outlets and may contain accurate enough information to convince viewers they're real enough to click on. Others promise access to secret songs.

Still other e-mails may not even have links to click on, or any other calls-to-action.

"The body of the spam message does not contain any call-to-action link such as a URL, e-mail or phone number," said online security company Sophos in its SophosLabs blog . "But the spammer can harvest receivers' e-mail addresses via a free live e-mail address if the spam message is replied to."

How to Protect Yourself From Spammers (McAfee.com)

• Make sure that your anti-virus software is up to date. Many viruses and Trojans scan the hard disk for e-mail addresses to send spam and viruses. Avoid spamming your colleagues by keeping your anti-virus software up to date.

• Use the firewall included with your operating system, or use a firewall from a reputable company, to avoid your computer being hacked or infected with a worm and used as a spam-sending zombie.

• Do not click on unusual links. Confirm the sender did send the e-mail if it looks suspicious.

More tips from McAfee

The effects of specific spam campaigns, like the one surrounding Jackson's death, are hard to quantify, though. Spam levels are already so high that there might not be a noticeable increase in overall spam levels, Harnett said. By some estimates, spam accounts for more than 90 percent of all e-mail sent around the world, though the bulk of the messages get filtered out before ever reaching the user.

Celebrity deaths are a gold mine for criminals because lots of people go online looking for news. Google Inc. says the spike in searches for news stories about Jackson's death was so sharp the company initially mistook it for an automated attack (see a graph) .

Many of the information-seekers can be tricked, via e-mail, into visiting malicious Web sites. That opens the door to all kinds of nastiness, like spying on what someone's typing or using the hijacked machine to send spam.

There are also so many more Web sites about celebrities after their deaths that it's hard to figure out which ones are legitimate fan sites, and which ones were created by criminals.

Registrations of domain names related to Jackson have spiked since the pop icon died Thursday afternoon. A leading registration company, GoDaddy.com, said it registered about 7,500 such names since then. Actress Farrah Fawcett, who died the same day, got about 100 domains in the same period. GoDaddy said, however, that it had yet to get any complaints that any of those addresses were used for scams.

Within minutes of Jackson's death hitting the news, scammers started sending out spam e-mails with links purportedly to provocative news stories or videos about Jackson. The news stories, of course, never appear. Instead, people who click on those links are often directed to sites that try to install viruses.

Another