by  Nidhi Shah, Security Researcher

Along with media, homeland security and Al-Qaeda supporters, another group of people got to work immediately after Osama Bin Laden was killed: malware authors. This is not surprising given malware writers propensity to take advantage of the day’s current events as a way to reach the largest number of eyeballs and victims.

This news is no different. We noticed multiple campaigns taking advantage of the news within hours of its announcement. One such campaign showed up on Facebook offering a video of the killing:

Wall from account spreading fake videos

Clicking on the link leads the user to a fake blog with video, which in turn requires the user to “Like” it in order to get to the video. However in doing so (“liking”), the user is authorizing the malware to post on his/her wall and fill it up with other “Like” messages that were never authorized. “Like” messages are shared automatically via the Facebook newsfeed on a user’s network; therefore, these messages quickly become viral and spread via trusted channels.

Newsfeed from victim account

There are multiple other campaigns taking advantage of this news and also creating new related headlines to get more attention. Like this campaign (again on facebook):

Wall from another account trying to promote sites with fake headlines

Clicking on that link will lead you to the blog full of such fake headlines.

Blog from fake headline campaign

While this one did not directly lead to any malicious impact, clearly the headlines are fake. That leads us to believe that we might have encountered it while malware authors were still in the process of preparing their next malicious campaign. Or that they could be taking advantage of current events and user curiosity for increasing search engine ranking for these pages.

Our advice to readers is to be cautious while browsing the Web to look for more details related to this event and any other major news in general. We recommend visiting the major news channels directly to get more information rather than click on links in Facebook or Twitter, even if they are seemingly posted by friends or trusted sources.

In case you haven’t noticed, social networking sites are taking over the Internet. They receive the most traffic; they generate the most media attention, and let’s face it: they’re where all the cool kids are hanging out. Unfortunately, as these sites become more and more popular, they also become more and more attractive as targets for attackers.

So what can you do to protect yourself from attackers? If you’re incredibly paranoid, you can just boycott all social networking sites (that’s what the Marines do). Or if that’s a little too extreme, you can always follow these five simple guidelines for protecting yourself in these environments:

1.) Don’t use “password” as your password. I know it’s easy to remember, but it’s also incredibly easy to guess. Instead, use a strong password with at least 8 characters that consists of numbers, mixed case letters, and special characters. Also, be sure to use a hard-to-guess password reset question (i.e., don’t end up like Sarah Palin’s Yahoo! account).

2.) Don’t use the same password at multiple sites. I realize this is somewhat inconvenient, but consider the alternative. If you use the same password at every site, what happens when one of your accounts is compromised? You guessed it: all of your accounts are compromised! Scary, right?! Now, go change your passwords!!!

3.) Don’t give your username and password to untrusted sites. Some legitimate sites will ask for your username and password (e.g., sites that support Facebook Connect), but you should always verify the trustworthiness of a site before you enter your credentials. When in doubt, err on the side of caution and avoid becoming yet another phishing victim.

4.) Don’t click on that! Never click on links from unknown users because they can lead you to any number of malicious destinations. Even if you trust the user, use caution because you never know when one of your friends has been compromised (not everyone reads this blog ). Also, be extremely careful with shortened URLs because you have no idea where they will lead you. To be on the safe side, use an unshortener (e.g., Untiny, Unshorten, etc.) to determine a shortened URL’s final destination.

5.) Verify the trustworthiness of people by using reputation systems such as Purewire Trust and TweetGrade. Social networking sites are like the Wild Wild West of the Internet, but reputation systems aim to establish a sense of order to these sites so that users can make informed decisions in these environments. Before interacting with unknown individuals in a social networking site, you should check their reputations in one of these systems to safeguard yourself from malicious activity.

If all else fails, just remember to use common sense! When a smoking hot stranger sends you a friend request or a link, just ignore it and keep on moving.