We got Osama bin Laden so that malware alarmists can get you
In the light of [NAME OF NEWS EVENT] we are cautioning users to beware of Internet scams and other abuse. Be on the lookout for Facebook messages related to [NAME OF NEWS EVENT], scrutinize search engine results related to [NAME OF NEWS EVENT] and look out for new domain names using [NAME OF NEWS EVENT] to attract your attention.
Oops, sorry folks! I filed my template without filling it in first. My bad.
Just about any news event brings with it warnings like the one above from the security industry to people like me who pass them on to people like you. In the wake of the snuffing of Osama bin Laden we got a full-scale assault of such warnings, but I've always thought there's no need for news to get involved. To me it's like "Watch out for drunk drivers on new years eve."
We had similar warnings for scams and malware for the royal wedding, on the Japanese earthquake, even just for Christmas. Every major election, every major sporting event, every natural or man-made disaster is a reason. Security firms could write the press releases months in advance using templates like the one I put up top. They could have an actual editorial calendar and sell ads. The scammers probably work the same; they know the World Series is coming in October; why not develop their attacks in advance?
I have a hard time believing that warnings do a wole lot to save people who don't see these attacks for what they are right off. The fact that nothing will ever substitute for such common sense is the best reason to believe that we'll never be rid of such attacks.
Larry Seltzer is a freelance writer and consultant, dealing mostly with security matters. He has written recently for Infoworld, eWEEK, Dr. Dobb's Journal, and is a Contibuting Editor at PC Magazine and author of their Security Watch blog. He has also written for Symantec Authentication (formerly VeriSign) and Lumension's Intelligent Whitelisting site.