St Patrick's day scamMany of us are all too vulnerable to scams and hacker attacks – even more so after a cocktail or two. Scammers just love big, national celebrations. They have a rapt audience, hungry for information and if there are opportunities to get a bargain, all the better. Tomorrow is St Patrick’s Day. That means money, targeted scams and digital trickery.

What all too often happens is hackers send out fake emails promoting gifts, creating holiday cards, making a little extra green, or any other come on to get you in their scamming web. Like all malicious mail, click and you are doomed. Phishing-type techniques are in abundance here where the messages look as legit as possible, including short form URLs, seemingly less suspicious by masking the link’s destination.

One of the most flagrant approaches, though not altogether original, is to scare end users into thinking they have a virus. The cure then is a virus itself – a take-off on the old bogus anti-malware packages.

In one unusual iteration, the ploy sounds like it should be read with a bad Irish brogue;

Subject: St. Patrick’s Day Irish Virus Alert
E-mail Body: Top o’ the mornin’ to you. Bejesus! You have just received the “The St. Patrick’s Virus”. We don’t have too much programming experience, so this virus works on the “honour” system. Please forward this email to everyone on your mailing list and then manually delete all the files on your hard drive. Thankin’ you in anticipation for your co-operation. Paddy

Imagine the gall of asking the user to send this bogus supposed virus-laden email to all their friends, and at the same time destroy all the information on their own hard drive! Problem is there are plenty o’ eejits that fall for this stuff. You need security tools that can stop these attacks in their tracks, rather than relying on the good judgment of all your users. A head’s up to your users before or at least on the big day wouldn’t hurt either.

Fake search results for St. Patty’s Day screensavers and wallpaper are another annual hacker ruse. You search for a festive image, click on whatever results the search engine serves you with and you end up at a malicious site. These bad search results are a form of SEO poisoning where malicious pages trick search engines such as Google and Bing into ranking them, sometimes near the top of the search page.

Proper email security that can block malware and filter for terms relating to malicious activity are critical to stopping this nonsense, as is a wee bit of training.

These security threats have now also found their way into social media sites. Year after year, Facebook and Twitter end up littered with embedded malicious links that promise Irish images, drinking songs and videos. Here’s one example:

St' Patrick's day scam

Having control of the web is one effective measure against this anti-social behavior. If you can monitor web traffic for suspicious content, and at the same time block malicious software, your St. Patrick’s Day won’t leave you with a hangover. If your network is secured by Irish charm alone and your email server blocks 1 in 100 spam or phishing emails, then you need to look at some form of email security.  It’s an investment you won’t regret. Happy St Paddy’s Day.