2015 Most Dangerous Celebrity

Who doesn’t love to search for celebrities online? From red carpet photos, to clips of the latest fashion faux pas, Hollywood gossip on the Web has a lot of us hooked. But sometimes, our interest in the stars can lead us into the digital danger zone.

Intel Security has dubbed electronic dance music DJ Armin van Buuren as the Most Dangerous Cyber Celebrity of 2015.

The company found that when Web users search for his name combined with the terms "free MP4," "HD downloads," or "torrent" they have almost a one in five chance of landing on a malicious site when they click on the search results.

A number of other musicians also generate dangerous search results, according to Intel Security's Most Dangerous Celebrities study.

"With today's busy culture and a desire for real time information, consumers often click on sites that will quickly provide them with news and entertainment, without considering safety and security implications," said Stacey Conner, online safety expert at Intel Security. "Cybercriminals leverage this need for immediacy by encouraging people to visit unsafe sites that can steal private data."

Indeed, it's worth reminding employees to access content directly from official websites of content providers, to only download videos from legitimate sites, and to use caution when searching for "HD downloads," which is by far the highest virus-prone search term

Cybercriminals will continue to innovate, looking for new ways to take advantage of our interest in pop culture to steal personal information.  Luckily, there are a few things you can do to keep yourself safe:

• Only download from verified sites. Don’t download anything from a website you don’t trust. If it looks suspicious, your hunch about its legitimacy is probably right. Access content directly from reputable sources, such as Apple Music and Google Play Music.
• Be strict when sharing your personal information. If you receive a message from an unknown website asking for your log-in, or requesting other personal information, about face. Cybercriminals often pose as legitimate companies to scoop up your sensitive information via email, text, or other methods of communication. Be wary of these phishing tactics to avoid becoming a victim of identity theft.
• Let an online safety advisor be your guide. When it’s hard to tell if a site is legitimate, a web advisor can help. 
• Use comprehensive security. Whether you follow celebrity gossip or not, it’s always a good idea to protect your devices from potential infection.

Cash extortion scheme targets BitTorrent users

A new type of malware is riding the wave of file-sharing pre-settlement letters by infecting BitTorrent users’ machines and then demanding payments in order to make imaginary lawsuits go away. ICPP Foundation try to give the impression they are RIAA and MPAA affiliated but the whole thing is a scam to extort cash and obtain credit card details.

BitTorrent users are targeted by an unprecedented extortion campaign that threatens them with legal action for copyright infringement, unless the pay a $400 "fine".

According to TorrentFreak, the method of infection is yet unknown. It could be through a download of a fake file or a email attachment. In any case, the infected user is faced with this alert:

It locks the screen and redirects the user to the site of the ICCP Foundation, which purports to be a "law firm which specialises in assisting intellectual property rights holders exploit and enforce their rights globally."

This professional-looking site lists the Recording Industry Association of America (RIAA), the Copyright Alliance (CA) and the Motion Picture Association of America (MPAA) as partners, in a bid to give an aura of legitimacy to the site.

The alert also has a very polished look that could fool many into believing the claims it states. The scareware even searches for .torrent files located on the user's hard drive and then displays their names on the alert. The user is threatened with 5 years in prison and a $250,000 fine, and is asked to choose one of the two options: "Pass the case to court" or "Settle case in pre-trial order".

If he chooses to "go to court", he is faced with a warning pop-up that tries to scare him some more ("Performing this action is construed as a refusal to cooperate…") and recommends the user to cancel the action and choose the "pre-trial settlement" option:

If he chooses the "settlement" option, he is asked to enter his name, address and credit card number in order to pay the various fees included in it:

Users are warned not to fall for this scam. When faced with something like this, it's always good to do a quick research online. If the claim is fake, you will be able to find proof very easily.

On another note, I can just see the music and movie industry moguls reading about this and thinking to themselves: "Could we do something like this?"

Full report here.