TMCnet Feature
April 19, 2013

New Malware E-mail Campaign Exploits Boston Marathon Tragedy

By Michael Guta, TMCnet Contributing Writer

When something as horrific as the event during the Boston Marathon takes place, we see first responders and ordinary citizens performing extraordinary acts of valor to save the lives of the people that were injured. In trying to understand what took place and find those responsible, everyone around the world used technology for the latest information about the incident.



During this time of confusion and uncertainty, cybercriminals took the opportunity to launch a malware e-mail campaign posing as breaking news about the event.

I’m sure we all have some choice words for these individuals, but the best way to defeat them is by foiling what they’re trying to do. The malware was discovered by the research labs at Commtouch. The company provides security solutions to some of the largest companies in the world, including HP, Google, 1&1, LG N-Sys, Microsoft and many others.

According to Commtouch, the first e-mails were discovered on April 16 at about 6:00 p.m. EDT, which was 27 hours after the incident. The messages were sent with subjects about the marathon such as "BREAKING - Boston Marathon Explosion," "Explosion at Boston Marathon," "Boston Explosion Caught on Video" and "Video of Explosion at the Boston Marathon 2013."

The only text the body of the e-mails contained was a link made up of an IP address and an HTML document name (boston.htm and news.html).
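The two traits described above (one of the quoted subject lines, plus a body that is nothing but a link to a raw IP address) can be checked mechanically at a mail gateway. The sketch below is an added example, not Commtouch's detection logic; the exact link shape (`http://<IPv4>/boston.htm[l]` or `news.htm[l]`) is an assumption, and the sample messages are constructed.

```python
import re
from email import message_from_string, policy

# Subject lines quoted in the article, lowercased for comparison.
CAMPAIGN_SUBJECTS = {
    "breaking - boston marathon explosion",
    "explosion at boston marathon",
    "boston explosion caught on video",
    "video of explosion at the boston marathon 2013",
}

# Assumed link shape: optional scheme, raw IPv4 host, boston.htm(l) or news.htm(l).
LINK_ONLY = re.compile(
    r"(?:https?://)?(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(?:boston|news)\.html?",
    re.IGNORECASE,
)


def check_message(raw):
    """Return the list of campaign traits found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    hits = []
    subject = " ".join(str(msg.get("Subject", "")).split()).lower()
    if subject in CAMPAIGN_SUBJECTS:
        hits.append("subject")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content().strip() if part else ""
    m = LINK_ONLY.fullmatch(body)
    # The body must be the link and nothing else, and the host a valid IPv4 literal.
    if m and all(int(octet) <= 255 for octet in m.groups()):
        hits.append("ip-link-only-body")
    return hits


def is_campaign_lookalike(raw):
    """Flag only when both traits are present, to limit false positives."""
    return set(check_message(raw)) == {"subject", "ip-link-only-body"}


# Constructed sample messages (192.0.2.0/24 is a documentation-only range).
SAMPLE_LURE = "From: a@example.com\nSubject: Explosion at Boston Marathon\n\nhttp://192.0.2.10/news.html\n"
SAMPLE_NEWSLETTER = ("From: news@example.org\nSubject: Explosion at Boston Marathon\n\n"
                     "Our full coverage is at https://news.example.org/boston today.\n")
SAMPLE_OTHER = "From: b@example.com\nSubject: Invoice\n\nhttp://192.0.2.10/boston.html\n"

if __name__ == "__main__":
    for name in ("SAMPLE_LURE", "SAMPLE_NEWSLETTER", "SAMPLE_OTHER"):
        print(name, check_message(globals()[name]), is_campaign_lookalike(globals()[name]))
```

Requiring both traits keeps a legitimate news alert with the same subject from being flagged, while a link-only body pointing at a bare IP address is worth reviewing on its own.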

If you receive an e-mail from someone you don’t know, it’s very important not to open it. Opening these messages is one of the easiest ways to let malware onto your device, and that’s why cybercriminals use this scheme.

When the link in the e-mail was clicked, the user was directed to YouTube videos from the event. If you don’t know any better, you’d think it’s a legitimate site and continue to watch the videos. But Commtouch tells us the site contains an iframe leading to malicious Java code that is activated when the site is opened in the browser. (An iframe, or inline frame, is an HTML document embedded inside another HTML document on a site.)

This lets the criminal drip malware into your computer under the radar.

Commtouch warns that cybercriminals are using this type of tactic to gain access, with the most recent example being the appointment of the new pope.

If you never open an e-mail from someone you do not know, you greatly reduce your risk of being attacked. If you want the latest news, go to your preferred news outlet directly.




Edited by Braden Becker