With interest still very high in news of Osama bin Laden's death, malware and spam are having a field day on social networks like Facebook and Twitter, say Web and software security companies.
And the FBI Tuesday issued a warning to computer users to "exercise caution" when they receive emails that "purport to show photos or videos" of bin Laden's killing, with links in those emails leading to havoc for some users' machines.
Cybercriminals, looking to get your personal information by having you click on a link, or spammers trying to get you to buy rogue anti-virus software the same way, are also "liking" Facebook - and Twitter - a lot in recent days to "spread malicious links claiming to be images of bin Laden's death," says Kaspersky Lab.
Behind the success is how quickly such links can be disseminated, "the implied trust of social network contacts" and the "prevalence of shortened URLs," the company says.
"We were especially concerned about the potential distribution of malware on social networks, because of their speed of propagation," says Kaspersky Lab expert Vicente Diaz on a company blog. " So we have been monitoring Twitter, getting some million tweets and a huge number of URLs too. No surprise here as during the last 24 hours the average was 4,000 tweets per second related to this topic.
Kaspersky found a Facebook "scam campaign posing as Osama's death video."
The company also "found this link being distributed in several tweets, especially among Brazilian users," Diaz said.
"The point is how malware reacts quickly to use major events for its distribution, registering domains and using social networks in the first hours," he said. "We urge you to be very careful to avoid these scams."
In addition to checking security pages for Facebook and Twitter, various security software companies have Web pages about user safety. Among them: SophosLabs' "Facebook Security Best Practices."
McAfee Labs said it expects to see even "more related malware in the coming days and warn computer users to be cautious when they receive messages that purport to offer photos of Bin Laden's body, funeral or any additional details."
"We have been seeing variations of what I can only call 'expected lures,' " include purported videos showing bin Laden's death, said David Marcus on the company's blog.
"Beware of any verbiage, subject lines in emails, links via Facebook or Twitter that contain words like these, as they will almost certainly just get you into trouble.
And, of course, the expected, but still good advice, from a security software maker: "Make sure your security software is fully updated and be sure to use safe browsing software as well."
The FBI said in a press release that emails with supposed links to bin Laden death photos or videos could unleash a virus that can damage computers.
"This malicious software, or 'malware,' can embed itself in computers and spread to users' contact lists, thereby infecting the systems of associates, friends, and family members," the agency said. "These viruses are often programmed to steal your personally identifiable information.
"The Internet Crime Complaint Center ... urges computer users to not open unsolicited (spam) e-mails, including clicking links contained within those messages. Even if the sender is familiar, the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software."
The complaint center has these recommendations for computer users:
•Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a "friend" can unknowingly pass on multimedia that's actually malicious software.
•Do not agree to download software to view videos. These applications can infect your computer.
•Read e-mails you receive carefully. Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
•Report e-mails you receive that purport to be from the FBI. Criminals often use the FBI's name and seal to add legitimacy to their fraudulent schemes. In fact, the FBI does not send unsolicited e-mails to the public. Should you receive unsolicited messages that feature the FBI's name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the Internet Crime Complaint Center at www.ic3.gov.
If you're not sure how to change the privacy settings on your Facebook page click here.