Apr 27 2009
We all know it’s going to happen and probably sooner than later; spammers will figure out that people are panicking about swine flu and they’ll start registering domain names and sending out email offering the latest information and drugs guaranteed to stop swine flu. I’m actually surprised that it hasn’t started already, but I guess even spammers take the weekend off occasionally.
There are a few fairly simple steps you can take to protect your users from being taken in by this spam. First of all, inoculate them by giving them real information about the swine flu. Stephen Northcutt has written up a pretty good post with lots of links to important information like what influenza really is and what steps people should be taking to prevent the spread of the flu. Here’s a couple major hints: wash your hands often and stay home if you’re sick.
The second step you can take is to keep an eye on the Internet Storm Center. There hasn’t been much activity in the spam arena around swine flu, but the guys at the ISC will probably be some of the first to let us know when it starts. It’s not a question of if we’ll get spam related to the current public panic, so keep your eyes and ears open to prevent your users from getting taken in.
The third thing I can’t suggest highly enough is don’t panic. There’s a lot of media hype around the swine flu, but the reality is, this doesn’t yet appear to be anything much more than our annual round of the flu. True, it could turn into a lot more and we don’t yet have a vaccine for this strain, but relatively few people have died and most of those appear to be people who were already in a weakened state. Plan, know what you’ll do if things do turn out to be worse than they appear, but do so in a calm, reasoned way. Think of this as another incident response drill where you need to think about the steps you’ll need to take well in advance and you’ll be fine.
Update: Looks like the spammers started some time early this morning: Swine Flu spam from McAfee Avert Labs Blog