As suggested by the latest report of Symantec on “Rogue Security Software” Google enjoys high popularity among hackers who p0is0n links in the search results because of its large market share in the search engine industry. “Google’s breadth and speed of indexing also play a role,” says Symantec.
Symantec reported that search engine results p0is0ned with links to fake antivirus software have been a constant problem for Internet users. However, it is an effective way for cyber attackers to infect users’ machines. According to Symantec’s Report on Rogue Security Software, the culprits of these “t0xic” search results are typically scam perpetrators who use a range of black hat search engine optimization (SEO) techniques to p0is0n search engine results and increase the ranking of their scam websites on search engine indexes.
A rogue security software program is a misleading application that pretends to be legitimate security software, but provides the user with little or no protection. In some cases, it actually facilitates the installation of malicious code that it claims to protect against.
Symantec has observed search results constantly and generated statistics on the top search trends every hour and determined how many were malicious (within the first 70 Google search results).
Among the key findings identified between March to April 2010, on Google search results include the following:
– On average at any given hour, 3 out of the top 10 search trends contained at least one malicious URL within the first 70 results;
– On average, 15 links out of the first 70 results were malicious for search terms that were found to be p0is0ned (had at least one malicious URL);
– On average on any given day, 7.3% of links are malicious in the top 70 results for top search terms (see Figure 1);
– The most p0is0ned search term resulted in 68% of links leading to malicious pages in the first 70 results;
– Almost all of the malicious URLs redirect to a fake antivirus page.
It is apparent that attackers continue to be effective at p0is0ning search results. They have an automated infrastructure that is able to automatically collect the latest, most popular search trends and p0is0n the results, the company said.
Symantec advises internet users (most of whom use Google on a daily basis), to be careful when clicking on search result links, especially when searching for hot search topics. Symantec also advised to follow its Twitter feed to find out the latest news on Internet threats.