Google Trends Used to Promote Fake Anti-Virus Software
To: TECHNOLOGY EDITORS
Contact: Monica Shaw, Carabiner Communications, +1-770-367-9534, mshaw@carabinerpr.com
Marshal TRACE team urges people to use care when clicking on free hosted blog sites as a result of an Internet term search
ATLANTA, Oct. 8 /PRNewswire/ — Internet criminals are using Search Engine Optimization tactics to promote links to free hosted blog sites in an attempt to dupe unsuspecting visitors into infecting themselves with malware and fake anti-virus products, say experts from Marshals TRACE threat team.
Criminals are using tools such as Google Trends to identify the most popular and current Internet search terms. The same criminals then use new blogs on free hosting sites, such as Windows Live Spaces and AOL Journals, featuring the same search terms. When an Internet user then makes a search using those popular terms they get multiple links to these hosted blog sites in their search results. If the user then clicks on the link, thinking it is relevant to their desired search, they are taken to a blog site with an apparent embedded video player. If the user clicks on the video player, they are prompted to load a codec, which surreptitiously loads malware, including fake anti-virus software that promises to clean non existent viruses from the computer in return for their credit card details.
A recent example of an exploited search term was OJ Simpson Verdict, said Phil Hay, lead threat analyst for Marshals TRACE Team. The criminals identify this as a hot search term and then ensure their Windows Live Spaces blog contains OJ Simpson Verdict. This promotes the blog up the order in Google search results and increases the chances that users will hit those web pages.
Using search engine optimization to promote web pages hosting malware shows increasing levels of sophistication and professionalism on the part of the criminals, said Hay. The use of fake video players to disguise the installation of fake anti-virus programs is not new. This kind of activity has been going on for many months now, but previously the links have been promoted via spam. This new approach shows a diversification of tactics.
According to Marshal, the malicious executables downloaded by clicking on the fake video player are not reliably detected as malware by established antivirus programs, further adding to the seriousness of the criminals activity.
Fake anti-virus programs are especially prevalent right now, said Hay. Once installed, the program pops up and tells you it has found viruses on your computer and offers to clean these if you are willing to pay via credit card. The viruses the program reports are fake, the program itself is fake and the so called legitimate company you deal with is fake. The whole thing is a con designed to part you from your money. It is fairly sophisticated and convincing.
Now the criminals are trying new methods of promoting their malicious web pages that arent dependant on spam. Our advice is to not blindly trust results from Google searches, and be wary of these kinds of links to hosted blog sites. Also, if you are unfortunate enough to be infected by one of these fake anti-virus products, do not provide any credit card information or payment of any kind. Use a legitimate and reputable anti-virus solution from a name brand vendor, said Hay.
More Information
Marshals TRACE Team blog – http://marshal.com/trace/ traceitem.asp?article=783
About the Marshal TRACE Team
TRACE (Threat Research and Content Engineering) is a group of Marshal security analysts who constantly monitor and respond to Internet security threats through the TRACE website at www.marshal.com/trace. TRACE services are provided as part of standard product maintenance that includes updates to Marshals unique, proprietary anti-spam technology, SpamCensor. TRACE analyzes spam, phishing and Internet security trends and provides frequent automated updates to Marshal customers. It also provides Zero Day security protection against new email and virus exploits the day they emerge.
About Marshal
Marshal is a global leader in content security across multiple protocols, enabling organizations to securetheir IT environment, protectagainst threats and complywith corporate governance needs. Marshal provides customers with a complete portfolio of policy- driven email and Internet solutions that integrate content filtering, compliance, secure messaging and archiving. Forty percent of the Global Fortune 500 companies use Marshal security solutions to secure their corporate messaging networks and Web access against internal abuse and external threats such as viruses, spam and malicious code. More than 7 million users in over 18,000 companies worldwide use Marshal solutions to protect their networks, employees, business assets and corporate reputation and to comply with corporate governance legislation requirements.
Marshals Americas headquarters is in Atlanta, Georgia, with corporate headquarters in London (UK) and offices in Auckland (New Zealand), Houston (USA), Johannesburg (South Africa), Munich (Germany), Paris (France) and Sydney (Australia). More information is available at www.marshal.com.
SOURCE Marshal
(c) 2008 U.S. Newswire. Provided by ProQuest LLC. All rights Reserved.