Virginia shooting - don't open that link!

Scammers and cyber criminals love to capitalise on tragedy, and we can't help but click

Shootings in America are, sadly, not unusual, but when two journalists were shot live on air on Wednesday last week, social media went into overdrive.

What made this particular attack unique is the fact it was filmed and broadcast by the victims as it happened and, it later transpired, the shooter himself had recorded the murder and posted it online before taking his own life.

Very quickly, my Twitter feed was full tweets from news organisations such as the Huffington Post linking to stories containing the "graphic footage" or, in the case of Russia Today, having a short Vine of two people dying auto-play when you scrolled down.

Soon though, news outlets reacted to the revulsion people expressed at their decision to rebroadcast the footage and removed it from their stories. Facebook and YouTube were also diligent in their efforts to remove the footage taken by shooter Vester Lee Flanagan as it was posted and reposted.

Advertisement - Article continues below

But, for some, the desire to see the footage first hand is too much, and cyber criminals know this as much as - or perhaps better than - anyone else.

By the evening, the Virginia trend on Twitter was full of rather suspicious-looking links to the "full uncensored video".

Social engineering attacks that take advantage of our curiosity are among the most successful at attracting victims and are also relatively easy to create, which is why they remain so popular with cyber criminals as a vector of attack.

It's not just social media, either - emails are still circulated in the wake of tragedies, be it a link to an alleged miracle survival video from a natural disaster or something more grisly, as in this case.

"Malicious actors are always going to use something that's in the media to try and lure in victims," Tim Grieveson, HP's chief cyber and security strategist, told IT Pro. "We're human, we are voyeurs, and they know that."

"To protect against successful attacks, you need to have good technology in place, but it's also about educating people to be careful, both in the business and at home. There are still a lot of people who get caught out by phishing emails - they still click that link - but education now has to be mulit-platform and include social media as well," Grieveson said.

Even though there's a strong moral argument against it, curiousity will always get the better of some people - they want to feel hope in the face of disaster, they want to feel righteous anger when ISIS execute a prisoner, they want to see something ususual and shocking.

But, just maybe the threat of malware, rather than a salacious video, will make us think twice in future.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Policy & legislation

Irish Data Protection Commission has questions for Facebook

29 Jan 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
digital currency

China prepares to launch the first domestic cryptocurrency

6 Nov 2019

Most Popular

digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
Mobile Phones

Samsung sails past Apple's market share despite smartphone market slump

28 Nov 2019
mergers and acquisitions

Xerox to pursue hostile HP takeover after $30bn gambit fails

28 Nov 2018