Malware and the moral compass

There’s no such thing as bad news.

All publicity is good publicity.

These are widely held beliefs by those involved in self promotion – for good or for bad.

We’ve known for a long time that malware producers have a penchant for people’s hope and fears, delivering good news, celebrity gossip or hooking into wider world events.

One recent example is emails telling you there was a tax refund coming your way which had a peak earlier this year that HMRC did some work to educate people about.

Recently anti malware companies have taken to issuing alerts about trends as they happen. Symantec warned us about the Serena Williams outburst at the US open, for example, in which links from Web searches trying to find the footage took people to Web sites carrying malware.

And now, most recently, an email hit my inbox yesterday, again from Symantec, warning that the recent Indonesian earthquake has generated its own spurt of malware.

I can’t put it any better than Hon Lau of Symantec “Unfortunately there is no event, no matter how heartbreaking, which a hacker will not try to profit from.”

Some cynics will say that the anti malware companies are making hay out of such events themselves, issuing easy press releases on the back of activities the clued up among us will anticipate and be ready for. Others will say the companies are doing their job, making us aware of possible pitfalls so that we don’t fall into traps unwittingly.

Symantec has certainly got some publicity out of this blog post, so they’re onto a winner in that sense. But if the post has also alerted even one reader to something they weren’t aware of and prevents them from making a click that could cause them problems down the line, then Symantec has achieved a double win. And I’m happy to help them try.