malaysia airlines MH17 Ukraine
An armed pro-Russian separatist stands on part of the wreckage of the Malaysia Airlines Boeing 777 plane after it crashed near the settlement of Grabovo in the Donetsk regionReuters

In what is now a well-established pattern, cyber-criminals are looking to cash in on the interest generated by major news events, this week targeting those looking for news about the Malaysian Airline Flight MH17.

While typically criminals try to lure people into clicking links on Facebook and Twitter with suggestive headlines, following the MH17 tragedy they have gone one step further.

In the days following the 17 July crash, fake Facebook accounts in the names of some of the victims of the Malaysian Airlines tragedy were set up - including the names of three children from Western Australia - with links suggestive headlines like:

"Video Camera Caught the moment plane MH17 Crash over Ukraine. Watch here the video of Crash."

MH17 Malaysian Airlines Facebook Scam
One of the fake victims profile pages created by criminals looking to take advantage of the interest in the tragedy.Facebook

The links redirect users to websites with multiple pop-up ads for suspicious services.

Shut down

Facebook has now shut down these pages, but the criminals will likely continue to post links on other pages in order to trick people into clicking on the links.

A Facebook spokeperson told IBTimes UK:

"We are disabling these profiles as soon as we are made aware of them. We encourage people to block those responsible and report suspicious behaviour to our team of experts via our reporting buttons so that we can quickly take the appropriate action."

The Boeing 777 aircraft was flying 1,000ft over the no-fly zone over eastern Europe when it was hit, killing 283 passengers and 15 crew members.

Scams like these are typical following major international incidents like this, with the disappearance of Malaysian Airlines Flight MH370 earlier this year also being used by criminals.

Previously we have seen the Boston marathon bombing, the death of Paul Walker and the Royal Wedding all being used to try and lure people into clicking on links on Facebook.


However Facebook is not the only platform being used by cyber-criminals to spread mapicious links.

Within hours of Malaysian Airlines official tweet about losing contact with MH17 malicious messages began appearing on Twitter.

Security company Trend Micro reports that the URLs linked to in the suspicious tweets - which included the popular #MH17 hashtag in order to be more easily discoverable - were a combination of links to regular blogs as well as malicious sites which hosted malware.

Links to the former were simply to boost page views/ad impressions while the latter saw two types of malware being downloaded onto people's systems.

Trend Micro said: "We expect that as soon as more details of the MH17 crash unfolds, cybercriminals will launch other attacks that may possibly lead to personal information theft and system infection. Users are highly recommended to remain vigilant for threats that could leverage this news."