Search Engines used to spread malware

There is more security information for you today, this time in the form of a warning against bad typists and Google.

According to a report by Finjan cyber criminals are using Google as a means to get into your wallet. They way they do this is by checking Google search trends and then use search engine optimization to cover common misspellings of the various key words.

What happens next is that these sites are indexed by search engines and when someone misspells a word these sites show up as legitimate sites. The search engine optimizations allow for these fraudulent pages to be indexed higher in the search results. When an unsuspecting user clicks on the link it redirects the user to a page that then attempts to down load malware. This makes the click though page a large amount of money too. Even at 9.6 cents per click.

Finjan used an example of the rouge anti-virus applications over a period of just 16 days over 1.8 million people were redirected to the fraudulent sites. That makes $172,000 for that 16 day period.

Read more here

Just how successful is this type of attack? In one day, Finjan was able to capture a number of successful redirects to compromised sites by search engine:

Google - 404871
Unknown - 19502
Yahoo - 14913
AOL - 9380
Auto - 7097
Comcast.net - 1880
Ask - 1083
Live.com - 508

Finjan found that 1.8 million users were redirected to a rogue anti-virus software site in 16 days. Member sites that redirected users to the rogue sites were paid 9.6 cents for each successful redirection. This translates into $172,000, or $10,800 per day. Who said cyber-crime does not pay?