Be careful what you click on when searching the Web; the international cybercrime community is coming for you.
That's the message from Internet security firm Blue Coat, which earlier this year found that poisoned search engine results remain the number one malware threat on the Web, accounting for a full 40 percent of all cyberattacks in 2011.
The popular bait-and-switch tactic is nearly four times more likely to snag unsuspecting users than the once common email-based approach, which now only accounts for 11 percent of attacks. Social networking rounds out the top three threats with 6.5 percent. The Blue Coat report was based on an analysis of the Web traffic of more than 75 million users.
"Searching is at least as dangerous as going into your email in-box and clicking on things," Chris Larsen, Blue Coat's chief malware expert, recently told USA Today.
The scam works like this:
The bad guys set up themed "bait sites" using terms that are likely to show up in search engine results, as a way to trick users into visiting their sites. When the unsuspecting user clicks on a poisoned result in their search engine, thinking they are going to a legitimate site related to their search, they are served a site designed by the phishers to gather their financial information or get them to download a piece of malware or otherwise fall victim to whatever scam they are running. In many cases, users don't even know they have been victimized until it's too late.
What you can do.
- Scan the site description — Google and Bing display two lines of "flavor text" alongside their text search results, which can provide clues to the site's provenance. "Look for disjointed, random text, like it was mashed up by a computer (because it was)."
- Check out the domain name — "Is it one you've heard of? Does it seem to have something to do with the topic you were searching for?"
- Preview before clicking — "Google now has a 'preview' feature, where text-search results have a little button to the right. If you hover your mouse on it, it will display an image of the page. This lets you see if the page 'looks legit.'"
- Know your top level domains (TLDs) — "There are a lot of two-letter TLDs assigned to specific countries: .RU = Russia, .IN = India, etc. If you're searching for a U.S. culture topic, like Halloween costume ideas, or Thanksgiving recipes, or Christmas decorations and your search returns results on .RU or .IN, etc, ask yourself if it's likely that a site hosted there would really have good content about your search topic."
- Use protection — It's always important to protect your computer with antivirus and antimalware software, which will block many of the malicious infrastructures that run search engine poisoning attacks.