Google Trends Used to Promote Fake Anti-Virus SoftwareBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    Best Protection for your PC and SAVE $10 NOW Click Here | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
GFI LANguard - New Version 9 Out Now - Dld 30-day trial! del.icio.us  digg  Furl  NewsVine  Spurl  Blinklist  Ma.gnolia  Reddit  Tailrank  YahooMyWeb 
Best Tips
Top 5 Free Online Virus ...
A New Malware Defense: E...
Introduction
What to Do If You're a V...
What does anti-virus sof...
Watch that Linux Login !
Microsoft Office Attacks
How To Truly Delete File...
How to Use Instant Messa...
Use Common Sense To Keep...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Bugtraq: Re: Joomla Component GameQ
2008/12/4 18:16:29
Bugtraq: [ MDVSA-2008:237 ] apache2
2008/12/4 18:16:29
Bugtraq: [USN-687-1] nfs-utils vulnerability
2008/12/4 18:16:29
Bugtraq: iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability
2008/12/4 18:16:29
Mal/Gampass-C
2008/12/4 16:42:07
Downloads
 0.Advanced Audio CD Ripper
 1.Aplus video to Xbox Converter
 2.MediaBatcher Module
 3.Pianito MicroStudio
 4.Creative Design ChartMaker
 5.365 Deep Space Screen Saver
 6.TV Pro 2.0
 7.Witch PIM
 8.SSCP Security Exam Guide + 3 More FREE ...
 9.PL Compiler MYOB Excel
RSS / Atom Feeds
Web Security : Google Trends Used to Promote Fake Anti-Virus Software
Posted by Max on 2008/10/9 14:10:42 (343 reads)
Web Security

Internet criminals are using Search Engine Optimization tactics to promote links to free hosted blog sites in an attempt to dupe unsuspecting visitors into infecting themselves with malware and fake anti-virus products, say experts from Marshal's TRACE threat team.

Criminals are using tools such as Google Trends to identify the most popular and current Internet search terms. The same criminals then use new blogs on free hosting sites, such as Windows Live Spaces and AOL Journals, featuring the same search terms. When an Internet user then makes a search using those popular terms they get multiple links to these hosted blog sites in their search results.

If the user then clicks on the link, thinking it is relevant to their desired search, they are taken to a blog site with an apparent embedded video player. If the user clicks on the video player, they are prompted to load a 'codec', which surreptitiously loads malware, including fake anti-virus software that promises to clean non existent viruses from the computer in return for their credit card details.

"A recent example of an exploited search term was 'OJ Simpson Verdict'," said Phil Hay, lead threat analyst for Marshal's TRACE Team. "The criminals identify this as a 'hot' search term and then ensure their Windows Live Spaces blog contains 'OJ Simpson Verdict'. This promotes the blog up the order in Google search results and increases the chances that users will hit those web pages."

"Using search engine optimization to promote web pages hosting malware shows increasing levels of sophistication and professionalism on the part of the criminals," said Hay. "The use of fake video players to disguise the installation of fake anti-virus programs is not new. This kind of activity has been going on for many months now, but previously the links have been promoted via spam. This new approach shows a diversification of tactics."

According to Marshal, the malicious executables downloaded by clicking on the fake video player are not reliably detected as malware by established antivirus programs, further adding to the seriousness of the criminal's activity.

"Fake anti-virus programs are especially prevalent right now," said Hay. "Once installed, the program pops up and tells you it has found viruses on your computer and offers to clean these if you are willing to pay via credit card. The viruses the program reports are fake, the program itself is fake and the so called legitimate company you deal with is fake. The whole thing is a con designed to part you from your money. It is fairly sophisticated and convincing."

"Now the criminals are trying new methods of promoting their malicious web pages that aren't dependant on spam. Our advice is to not blindly trust results from Google searches, and be wary of these kinds of links to hosted blog sites. Also, if you are unfortunate enough to be infected by one of these fake anti-virus products, do not provide any credit card information or payment of any kind. Use a legitimate and reputable anti-virus solution from a name brand vendor," said Hay.

Marshal's TRACE Team blog - http://marshal.com/trace/traceitem.asp?article=783

About the Marshal TRACE Team
TRACE (Threat Research and Content Engineering) is a group of Marshal security analysts who constantly monitor and respond to Internet security threats through the TRACE website at http://www.marshal.com/trace. TRACE services are provided as part of standard product maintenance that includes updates to Marshal's unique, proprietary anti-spam technology, SpamCensor. TRACE analyzes spam, phishing and Internet security trends and provides frequent automated updates to Marshal customers. It also provides "Zero Day" security protection against new email and virus exploits the day they emerge.

About Marshal
Marshal is a global leader in content security across multiple protocols, enabling organizations to secure their IT environment, protect against threats and comply with corporate governance needs. Marshal provides customers with a complete portfolio of policy-driven email and Internet solutions that integrate content filtering, compliance, secure messaging and archiving.




Other articles
2008/12/4 2:24:49 - Google Chrome Browser to Get Security Extensions
2008/12/4 2:04:47 - Practical Guide for Secure Christmas Shopping by Panda Security
2008/12/1 4:01:09 - GFI Releases the Most Advanced Version of GFI LANguard™
2008/12/1 3:46:23 - New From Symantec : Norton AntiVirus 2009 Gaming Edition
2008/11/26 14:25:35 - NEW! FREE IObit Advanced SystemCare Version 3.0
2008/11/26 14:21:32 - Discretix and MontaVista Linux Release DRM Content Protection
2008/11/23 5:41:27 - High School Musical Songs and Videos Used to Infect Unsuspecting Users
2008/11/23 5:18:40 - Beware Microsoft, Free Anti-Virus Is a Hard Taks ! Warns AVG
2008/11/18 16:16:42 - Beware of Increased Identity Theft on Upcoming Black Friday and Cyber Monday
2008/11/18 16:11:38 - Microsoft Plans New FREE Antimalware Product Codename "Morro"

The comments are owned by the poster. We aren't responsible for their content.



 

HOME | NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | SECURITY BOOKS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Jan '08 | Feb '08 | Mar '08 | Apr '08 | May '08 | Jun '08 | Jul '08 | Sep '08 
Best Security Downloads offers 4000+ free and free to try security downloads