Hackers Use Search Engines to Divert Users to Phishing Sites
According to Marshal, an online security company, there is an increasing trend for hackers to manipulate search engines to direct users to fake websites. The company, during the 2nd week of March 2009, drew people's attention to this type of phishing attack and the part that search engine optimization (SEO) plays.
Reportedly, when the attack misdirects users, a bogus security warning is emerged that prompts the end-user to load a fake anti-malware program. Marshal further says that the search engine results display the misrepresentations which include cloned sites of the California College basketball and Franchise Tax Board websites, etc.
In addition, hackers also embedded corrupt links on other sites, especially in the comment sections. This practice on blogs is popularly called 'blog spamming'. The links establish a connection with automated programs that aid hackers in accessing a computer.
Marshal also states that it has found a number of SEO schemes that hackers are using to raise the web page rankings among the search results. Consequently, these web pages receive many more visitors, a number that would not have been possible otherwise. The dubious search hits are devised to attract a large number of innocent web surfers to websites that bombard them with scare tactics, encouraging them to buy bogus antivirus software.
Furthermore, the company noted that every search result associates to a different web page as it concentrates on a specific search term or keyword. So anyone searching for one of these keywords is likely to get the related page among the series of search hits. Thus, with the use of a large number of keywords, those behind the SEO scheme are able to get a vast volume of traffic on their malicious pages.
In any case, Google and Microsoft, the providers of search engines, have not discussed the measures they adopt to block these search results.
Meanwhile, according to a study of 2,486 fake sites, it was discovered that 76% were hosted on hijacked servers that hackers controlled after spotting security flaws through search engine requests.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 27-03-2009