Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    August 2014
    S M T W T F S
    « Jul    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • About Us

    Today’s social media sites like Twitter and Facebook can be convenient tools for users to easily get the information they want. Such sites can easily satisfy users’ desire to know more, especially in the wake of life-changing events.

    In the case of the recent disasters in Japan, hash tags related to victims’ safety, rolling blackouts, and public transportation, which were spontaneously created helped provide information at the time and continue to be effectively utilized.

    Click for larger view

    However, users should keep in mind that there is a lot of fake information mixed in with facts. There are a lot of cases wherein people simply accepted information as truth, leading to unnecessary anxiety and inadvertently contributing to the spread of lies. To help prevent such cases, we would like to share some tips on how to verify the sources of Tweets.

    The Jackie Chan Hoax

    Just recently, false news about the untimely death of the famous actor made the rounds online. According to the hoax, Jackie Chan died of a heart attack, prompting fans from all over the world to post related Tweets. A bogus news site Yahoo!7 News was used in this attack, effectively redirecting users to the malicious URL http://pastehtml.com/view/{BLOCKED}.html. The website was created using a hosting service known as PasteHTML, which allows users to anonymously register sites.

    Click for larger view

    There are various ways by which users could have verified the authenticity of this report. For starters, Jackie Chan has an official website as well as verified Twitter and Facebook accounts.

    The official website of Jackie Chan http://jackiechan.com/
    Twitter account @EyeOfJackieChan http://twitter.com/EyeofJackieChan
    Facebook account of Jackie Chan http://www.facebook.com/jackie

    Further investigation eventually revealed vital information about the source of the hoax. A simple Google search returned about 3,200,000 results related to this information, as shown in Figure 3.

    Click for larger view Click for larger view

    To trace the source, I used Google Realtime Search (http://www.google.com/realtime/), which enables users to search for the latest related information from online services like Twitter, FriendFeed, Facebook, MySpace, indenti.ca, TWiTArmy, and Jaiku in real time. The tool can also filter search results by area and time as well as track each Tweet by thread.

    Using the key words “Jackie Chan Dead” on Google Realtime Search returned the following results:

    On the right-hand side, a timeline of the search results shows a graphical representation of the influx of information. Using the data that the search yielded, I was able to see that the occurrence of the key words barely existed prior to March 29, 2011 at 2:00 A.M. Pacific time but rapidly increased soon after. Interestingly, the above-mentioned fake news report was posted at around the same time, which proves that it contributed to proliferating the hoax.

    Finding the Source

    In an attempt to dig even deeper, I looked beyond the notable peak in posts and went as far back as March 12, 2011. I found an interesting Tweet, which was posted just a day after the recent disaster occurred in Japan.

    Click for larger view Click for larger view

    Looking at these comments, one can surmise that these were probably from Jackie Chan fans who were concerned about his safety and hoped that nothing bad happened to their idol. Most noticeable about the Tweets, however, is the appearance of the word “flood,” which was associated with the tsunami that recently hit Japan.

    But why did news reports of Jackie Chan’s death suddenly increase? Let us continue to backtrack further. I was able to find possibly relevant Tweets posted on March 8, 2011. This discussion thread seemed rather innocent and could easily pass off as a normal conversation among friends. However, there were instances when even seemingly harmless posts resulted in the spread of a hoax.

    Given Twitter’s 140-character limit, retweets tended to shorten posts, which could contribute to contracted messages that may no longer look like the original posts. Most hoaxes disappear without going mainstream. However, once a hoax is posted on trusted sites or combined with facts known among people, the possibility that it explode increases.

    This is what happened when one of the greatest disasters hit Japan. Hoaxes proliferated, especially in relation to celebrities and famous personalities like anime creators. Interestingly, these hoaxes were found to have originated from neighboring countries instead of from Japan. These bogus reports undoubtedly generated a lot of interest.

    Take for instance a list of famous Japanese manga authors confirming their safety that spread in China. Unfortunately, we do not have a way to verify how and why the list was created. Therefore, we cannot conclude if the list is a hoax or not.

    Click for larger view

    Apart from causing confusion among users, popular topics can also be leveraged by cybercriminals to lead users to malicious sites. Using typical blackhat search engine optimization (SEO) tactics, users can end up on sites serving malware and can become victims of other attacks using various social engineering techniques.

    Trend Micro, in an effort to protect users from blackhat SEO attacks, has been developing a method to find malicious websites as soon as possible among popular search results. This method uses a combination of data from the Smart Protection Network™ and information on “rapid increase in key word ranking” announced by Internet search engines in each country. Users can benefit from the results of this new method through the Smart Protection Network Web reputation service.

    On the other hand, we still urge all Internet users to be careful when looking for information online and to ensure that their sources can be trusted. We also strongly advise users to confirm the integrity of information they find on the Internet before sharing this with other users, whether through social media or through other means.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice