David Jacoby, an expert at Kaspersky Lab, wrote this blog post yesterday. It shows that employees need to stay on their toes and keep security top of mind even when they visit the largest websites. Here is a summary of the post:
The malicious ad that was running on Aftonbladet was only triggered when a user was running Internet Explorer. When you visit Aftonbladet using Internet Explorer, you get redirected to another website, and on that page is a static image of a fake warning from Microsoft Security Essentials. It is the image above; it claims that viruses have been detected on your computer and that you need to fix it. The picture is not really from the Microsoft Security Essentials tool, but something the bad guys created to scare people into believing they are infected. This is a very common technique among malware writers. When you click on the picture, you do not fix anything; you actually download the malicious file.
Is this really important? The malicious ad was removed very quickly from Aftonbladet, it was not exploiting any vulnerabilities, and it was a "simple" social engineering attempt. But I think this is a very interesting and important story to tell. Most users today have the perception that they need to visit shady websites to get infected, but look at what happened here: the largest website in Sweden was spreading malware, not because it got hacked, but because someone most likely bought or compromised the ads running on the website. Large websites often include content from other websites, and if the bad guys compromise any of those websites, they can also manipulate the content that the large website includes.
The need for security awareness training is only getting greater, not less. You have to be careful out there, even if you visit the really big websites. STOP LOOK THINK.
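The chain the summary describes (an Internet Explorer visitor bounced off the publisher's ad slot to a third-party page, followed by an executable download from that page) is something a web proxy log can surface. The code below is an added example, not code from Jacoby's post or from Kaspersky; it assumes a hypothetical tab-separated proxy log format and the hypothetical domains news.example (publisher) and scare.example (redirect target), and it only raises an alert when the full redirect-then-download sequence is seen for the same client.

```python
from collections import defaultdict, namedtuple
from urllib.parse import urlparse
# Constructed proxy log (not from the post); fields: ts, client, ua, url, status, ctype, location
IE11 = "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
FIREFOX = "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"
SAMPLE_LOG = "\n".join([
    f"1000\t10.0.0.5\t{IE11}\thttp://news.example/\t200\ttext/html\t-",
    f"1003\t10.0.0.5\t{IE11}\thttp://ads.news.example/banner?id=42\t302\t-\thttp://scare.example/alert.html",
    f"1004\t10.0.0.5\t{IE11}\thttp://scare.example/alert.html\t200\ttext/html\t-",
    f"1009\t10.0.0.5\t{IE11}\thttp://scare.example/fix.exe\t200\tapplication/x-msdownload\t-",
    f"1002\t10.0.0.7\t{FIREFOX}\thttp://ads.news.example/banner?id=42\t200\timage/png\t-",
])
PUBLISHER_SUFFIX = "news.example"  # hypothetical publisher domain
WINDOW_SECONDS = 300               # max gap between the redirect and the download
EXE_TYPES = {"application/x-msdownload", "application/octet-stream"}
Req = namedtuple("Req", "ts client ua url status ctype location")

def is_internet_explorer(ua):
    # IE <= 10 sends "MSIE"; IE 11 sends only "Trident/".
    return "MSIE" in ua or "Trident/" in ua

def host_of(url):
    return urlparse(url).hostname or ""

def parse_log(text):
    return [Req(int(f[0]), f[1], f[2], f[3], int(f[4]), f[5], f[6])
            for f in (line.split("\t") for line in text.splitlines())]

def find_malvertising_chains(rows):
    # Returns (client, third_party_host, download_url) per client that was redirected off the publisher on IE and then fetched an executable.
    by_client = defaultdict(list)
    for r in sorted(rows, key=lambda r: r.ts):
        by_client[r.client].append(r)
    alerts = []
    for client, reqs in by_client.items():
        for i, r in enumerate(reqs):
            # Step 1: IE request to the publisher answered with a redirect to a foreign host
            target = host_of(r.location)
            if not (is_internet_explorer(r.ua) and 300 <= r.status < 400
                    and host_of(r.url).endswith(PUBLISHER_SUFFIX)
                    and target and not target.endswith(PUBLISHER_SUFFIX)):
                continue
            # Step 2: an executable fetched from that host within the window
            for later in reqs[i + 1:]:
                if later.ts - r.ts > WINDOW_SECONDS:
                    break
                if host_of(later.url) == target and (
                        later.ctype in EXE_TYPES or later.url.lower().endswith(".exe")):
                    alerts.append((client, target, later.url))
                    break
    return alerts
```

The Firefox client in the sample fetches the same ad slot but is served a plain image and never leaves the publisher, so it is not flagged; only the IE client that followed the redirect and then pulled down fix.exe produces an alert.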