SOPA Web Protests Sure to Inspire Malware Distribution Scams

Internet users should be extra vigilant during the demonstrations against the controversial anti-piracy bills for online scams and malicious Websites.

Scammers are expected to take advantage of the online dissent protesting the draconian nature of the proposed anti-piracy bills currently in Congress to promote their own malicious agenda, according to ESET.
A number of Websites, large and small, went dark for 24 hours on Jan. 18, including the English version of the online encyclopedia Wikipedia, quirky link aggregator BoingBoing and user-driven link sharing site Reddit. The protest centers around their opposition to the Stop Online Piracy Act currently under debate in the House Judiciary Committee and the Protect IP Act expected to reach a floor vote next week in the Senate. Opponents call the measures proposed in the bills "draconian," and claim they will stifle innovation, restrict freedom of speech and undermine the foundations of a free and open Internet.
Not all companies opposing the proposed legislation are shutting down for the day. Some, such as and Google, have marked up their homepage to highlight their opposition to the controversial bills. Others are displaying large interstitials on their sites to encourage users to sign anti-SOPA/PIP petitions. There are also plenty of companies that aren't doing anything, such as eBay, Twitter and Yahoo.
While some users may not notice a difference in their online activities if the sites they visit daily aren't participating in any online demonstrations, they are still at risk for cyber-criminals who will try to trick them into visiting malicious sites or clicking on a scam, Aryeh Goretsky, an ESET researcher, wrote on the ESET Threat blog.
Malicious scams such as "exclusive" videos that deliver malware and fake Websites proliferate during major news events, as was evident after the death of Osama bin Laden and the devastating tsunami and earthquake in Japan in March 2011.
"Like other newsworthy events these days, it is likely to generate attempts by organized criminals to promote malicious Websites," wrote Goretsky.
Criminals like to manipulate search engine results through black hat search engine optimization techniques to promote malicious Websites as users search for information about the proposed legislation and the online protest demonstrations. As always recommended during these kinds of major news events, users should go to sites they recognize for information instead of relying on searches. If search results are necessary, carefully looking at the description may be helpful in weeding out some of the most egregious offenders.
If someone sends a link, via email or on social networking sites such as Facebook and Twitter purporting to be from Wikipedia or any of the other sites that will be unavailable, the smart thing is to not click on it, even if it is an "exclusive" link that is guaranteed to work. Check carefully when filling out online petitions to make sure they are not phishing pages asking for unnecessary personal data.
Users should keep in mind that Websites participating in the blackouts will likely resume normal activity around their announced time. In the case of Wikipedia, that would be midnight Eastern Time Jan. 19. Users should ignore pronouncements about sites returning to operation early or Web services and applications that promise to help bypass the blackout, according to Goretsky. "It is unlikely they will resume much earlier, and some may even be slightly delayed in returning to normal activity," Goretsky said.
Whatever the criminals are promoting would have a far more malicious impact than not being able to spend time on those sites, according to Goretsky. "Ignore them and wait for the site to return at its preannounced time," he said.
Beware of fake donation Websites soliciting funds to support the fight against SOPA. These donation scams proliferated after the tsunami and earthquake in Japan last spring.