Royal Baby and Spanish Train Accident, Innovative Baits for CNN Breaking News Scams

Cyber-criminals continue to take advantage of the royal baby’s popularity to spread a spam campaign with potentially malicious links. More than 2 per cent of the total spam now flooding inboxes uses the newborn of Kate Middleton and Prince William as bait.

The CNN breaking news scams lure users with the promise of exclusive information and videos about the UK royal baby, and about the Spanish train accident that claimed 77 victims.

According to Bitdefender Labs, the spam campaign mostly originates in the US and Latin America. Besides Brazil, Chile and Peru, our antispam experts also identified samples generated by Iranian, Indian and Polish IPs. To spread the scam even further, criminals use a botnet that controls infected machines in several countries.

Cyber-crooks have carefully crafted the spam campaign, as they alphabetically arranged recipients’ addresses. The other clue to their – “professionalism” is the recycling of a spam template already used for phishing attacks on Facebook.

“Malware emails such as these are sadly very widespread online and the practice of using trusted household brand names is common,” CNN representatives said. “Fortunately most internet users are wise to these tricks and know not to click on links from unfamiliar sources, but we do of course take the issue of our users’ security very seriously. Our security team is currently investigating these latest emails and we will continue to do everything possible to combat attempts to use our brand in this way.”

Natural disasters, celebrity deaths and events such as the royal baby’s birth become interesting baits for scammers to attract a large number of users. CNN is not the only media corporation whose reputation is frequently abused by cyber-criminals. Fox News fell victim of a similar attack this summer, after a malware campaign infected users worldwide with fake updates from the media website about Syria and World War 3.

Besides malicious spam, news corporations are targeted by Twitter hacks and website exploits. Most recently, a campaign exploited open redirect vulnerabilities on the CNN website to flood Twitter users with diet spam allegedly from the media company.

The Bitdefender Safego team is also keeping an eye out for Facebook scams that might start spreading “exclusive” videos with the royal baby.

This article is based on the technical information provided courtesy of Adrian MIRON, Bitdefender Spam Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.