According to GFI Labs, an increase in search engine optimization (SEO) poisoning attacks are exploiting several recent high-profile news events. GFI Labs, the dedicated malware research center of GFI Software, warned that searching topics as the disasters in Japan, Charlie Sheen and the NCAA “March Madness” tournament should be on high alert for poisoned search engine links leading to malicious websites.
In fact, according to Yahoo! Sports, recent searches for the term “NCAA brackets” have increased by 109,038%, making it an attractive, high-volume target for malware writers.
Using blackhat SEO poisoning techniques, cyber criminals are able to manipulate popular search engine results to include malicious websites. Unsuspecting users are then tricked into clicking on seemingly legitimate links. To avoid falling victim to this type of attack, GFI Software offers consumers the following tips:
1. Always deny a download when it comes from an unfamiliar source. Dubious links pointing to fake antivirus websites will continue to be a threat in search engine results. Simply being redirected to one of these sites is typically not a danger in itself. However, agreeing to do things such as downloading the installer, double clicking it, or allowing it to run can all lead to an infection.
2. Avoid clicking on websites with names such as “Celebrities with Diseases” that may appear in search engine results. Stick to trustworthy news sites in the various news portals of search engines, such as news.google.com.
3. Do not provide personal information, especially credit card numbers, if redirected to a site through a web search. Instead, navigate directly to the official site by typing the web address into your browser. Many fraudulent sites are carefully engineered to spoof trusted ones, in order to entice the user into providing financial information.
“Malicious attackers target trending topics and big news stories in SEO poisoning attacks because they often turn out to be the most popular search terms in a given time period, said Chris Boyd, senior threat researcher, GFI Software, in a statement.
“The unfortunate reality is that without a heightened sense of awareness of this threat, innocent web users looking to help with relief efforts in Japan or stream the latest NCAA basketball game can unknowingly click on rogue search results that lead to malicious content. We urge consumers to be extra cautious when browsing the web, regardless of the topic, and to think twice before clicking on search results linking to websites with which they are not familiar.”
No comments:
Post a Comment