Threat Faced by Google Advanced Search Spam
Google is among the most developed search engines and to make search simpler, it carries a few advanced query words that have narrowed the extent of search considerably. It seems that the hackers have also discovered a technique to exploit this service to direct users to a URL promoting their products and services, by accessing Google's developed search operators.
Spammers have found out a way to game the advanced results. They can push out an authentic appearing Google URL and bring the people who click on it directly to the site of spammer. Unfortunately, the spammers have outlined the link, its destination site and operators in such a way that the link would automatically go to the site. And to the observer, it will appear exactly like an original Google search containing an extra query language which is related to the topic of spam.
At the start of October, the destination site had been already registered with the details of contact that appear deceptive.
Symantec expresses their astonishment over the fact that how the spammer was able to point search URL of Google to take to his or her zone. But after close analysis, it was discovered that the spammer was successful in making the search query specific to his or her Website and managed to reproduce a link's click to that Website, as reported by Symantec on November 2, 2007.
As Google is known to be a reputed ant trustworthy site, spam filters will pass the Google domain easily. Ironically, through the help of advanced operators, the spammers make it sure that anyone clicking on the "Google link" would come straight to the site concerned.
As per David Cawley of Mailchannels, the matter is more serious and grave than a typical spam redirect. For instance, he could craft a URL to point to an attachment instead of a Website, as per the reports of webpronews.com on November 5, 2007.
The spammers made sure that each time their stars favors them by accessing advanced search operators, "inhurl" and "intext", of Google. The "intext" operators return document which contain the specific word in their body of text and the "inhurl" search results restricts the results to documents containing that word in the URL.
Related article: Third Data Breach on Pfizer’s System
» SPAMfighter News - 19-11-2007