Security researchers have warned of a slew of fake obituaries designed to make money for their creators by redirecting visitors to adult entertainment sites and initiating antivirus (AV) popups.
Secureworks claimed in a new blog post that the scammers monitor Google search trends to identify interest in obituaries following a death, and then create fake notices using generative AI (GenAI).
They then use classic search engine optimization (SEO) poisoning techniques to ensure the pages these fake obituaries are hosted on are ranked high up in search results.
Visitors to these sites are sometimes redirected to adult entertainment or e-dating sites, Secureworks said.
Read more on SEO poisoning: Malware Redirects 15,000 Sites in Malicious SEO Campaign
However, they may be presented with CAPTCHA prompts that install web push notifications or popup ads when clicked. Although these present the victim with fake AV warnings, they ultimately lead to legitimate subscription-based AV downloads, the research claimed.
The scammers can monetize this via affiliate rewards, if the victim is scared into downloading the AV software, and/or from pay-per-impression revenue from the popup ads, Secureworks said.
Secureworks senior threat researcher Tony Adams explained that scammers are deliberately trying to make money from emotionally vulnerable individuals.
“The last thing they expect to see when looking for an obituary of a loved one is a fake virus infection scam. The scammers are utilizing a potent combination of AI, social engineering and weaknesses in popular search engines to line their pockets,” he added.
“While the scam right now focuses on monetization from popup ads or affiliate reward programmes for things like antivirus subscriptions, our concern is that this could easily evolve into more sinister outcomes like malware delivery.”
The obituaries themselves are fairly easy to spot as they’re likely to use flowery language combined with an impersonal tone, the blog warned. Sometimes details of the deceased may be incorrect – in one recent case the individual wasn’t even dead.
Source: https://www.infosecurity-magazine.com/news/fake-obituary-sites-grievers-porn/
“An interesting youtube video that may be related to the article above”