Celeb names used to spread spyware, malware, phishing scams

Malware creators take advantage of celebrity popularity
October 2008
by Robin Wark

Searching for some pics of a gorgeous celebrity to brighten your computer screen? Looking for a hot new ringtone for your phone?

Be careful about what you search for! According to recently released research, looking online for items associated with popular celebrities could result in viruses, spyware or being the victim of identity theft scams.


"Attackers know that if the movie/star/game is popular, many people will be tempted to seek material related to them," said ParetoLogic spyware analyst Jean Taggart. "It isn't very safe to do a Google search, and just go downloading whatever shows up."

For example, Brad Pitt is reportedly the world’s most dangerous online celebrity of 2008, dethroning last year’s champ, Paris Hilton. Eighteen percent of the search results for the Legends of the Fall star led to malware-related websites. Those fans seeking Pitt screensavers had a fifty percent chance of being infected with malware.

Searching for singer/actress Beyonce can also be dangerous to your computer. She was No. 2 on the list. Research found that looking for Beyonce ringtones could lead to scam websites that seek to gather your personal information for fraud. Rounding out the top five of 2008’s most dangerous celebrities were singer Justin Timberlake, reality star Heidi Montag and singer Mariah Carey.

Malware authors often use "carrots" such as screensavers and ringtones to entice users into downloading malicious code. Taggart emphasized that he is not saying that by downloading screensavers or ringtones that you are going to be infected, but that the odds are higher.

ParetoLogic's Spyware Analysis Team (S.W.A.T.), which Taggart is part of, uses a "honeypot" (a system without any defenses) to attract emerging online threats. The team often finds malware with the common screensaver file extension of .scr in the trap. Taggart recommends only downloading screensavers from sites such as official movie pages and only using trusted ringtone sites, where you often must ante up for the song.

In general, he cautions people to keep their computers protected by updating their computer defenses, using an anti-virus product that has frequent updates and using a firewall. As well, Taggart said common sense is important in keeping you and your PC safe. If a site doesn't feel right, it probably isn't.