Easter Search Results Poisoned With Malware

Security researchers at the Security Company GFI software have cautioned that black hat search engine optimization (BHSEO) attacks have already started poisoning search results related to Easter, although the holiday is still a month away (April 24, 2011).

The fake links were found while looking for Easter printable cards and most of them pointed to domains in the .pl zone.

Further, BHSEO attacks have a method that results in artificial inflation of the PageRank of harmful websites, to push them on the first pages of search results for keywords related to the event that is being exploited.

In this particular case as well, the rouge search results led users to scareware circulation pages.

There are websites that show fake security alerts informing that people's system are infected with malware with a motive to click them to download forged antivirus products, also known as rogueware.

These programs urge users with further more warnings to persuade them to pay for worthless licenses and also exploit their credit card information.

The keyword combination of printable cards seems to be a common target for search result poisoning campaigns, particularly those associated with the holidays.

Senior Threat Researcher at GFI software, Chris Boyd, said that cyber attackers target burning or latest topics in SEO poisoning attacks as they are generally found to be the most famous search terms in a given period of time, as reported by e-security Planet on March 21, 2011.

Security officials foresee the frequency of scams and attacks targeting Easter to rise extraordinarily as the holiday approaches nearer.

Security experts stated that, it is due to the BHSEO campaigns of the aforementioned types that have resulted in a tremendous increase in malware over the Internet.

Boyd asked consumers to be extra careful while browsing the web, and to think twice before clicking on search results linking to websites, which are unknown.

Besides, users should not reveal private details, particularly credit card numbers, if redirected to a website through a web search. Rather, users must directly type the web address into the browser. The company said that, several fake websites are carefully made to spoof authentic ones for luring the user into revealing personal information.

Related article: External Software Can Allow malware into Windows Vista

» SPAMfighter News - 3/31/2011