GMA News Online

Sophos: New wave of scareware attacks target Easter-related searches

April 6, 2012 11:02am
People searching for Easter-related items such as "eggs," "chocolate" and "bunnies" may have to think twice before clicking on the sites that come out on top of the search results.

Computer security firm Sophos warned Friday (Manila time) a new wave of scareware attacks is targeting computer users searching for the term "Easter."

Sophos said it noted an increase in the volume of search engine optimization (SEO) attacks that put malware-hosting sites on top of the search results.

"(W)ith Easter imminent, it is not surprising that SEO attacks we have seen this week have used topics such as 'eggs,' 'chocolate' and 'bunnies,'" Sophos said in a blog post.

"This is a good time to remind people about the dangers of blindly trusting search engine results," it added.

It noted the first search result may lead to a site with fake anti-virus (scareware), one of which called itself "Windows Care Taker."

Sophos said a variety of rogue info sites are used in the scareware installation, with fresh ones being registered and used all the time.

"The reason why SEO attacks are successful is that all of us tend to trust search engine results. After searching for something we happily click any of the links high up in the first page of results," it noted.

Sophos said its products can identify the components involved in the attack as Mal/SEORed-A, Mal/FakeAvJs-A, Mal/FakeAV-PY.

"Before you click on search engine results, cast a quick glance at the site in question. This may not always help, but if the domain looks completely unrelated to the topic you are interested in, think carefully before clicking," it advised.

As for those using browsers that support plug-ins, it advised them to consider hiding or modifying their referrer.

"(T)he SEO attacks rely on knowing you came via a search engine when you click through to the SEO page," it said. — LBG, GMA News
Go to comments

We welcome healthy discussions and friendly debate! Please click Flag to alert us of a comment that may be abusive or threatening. Read our full comment policy here.
Comments Powered by Disqus