Internet search results have surpassed e-mail as the main way cybercriminals attempt to victimize Internet users.
That’s the upshot of an analysis of Web traffic from more than 75 million users on home and corporate networks conducted by Blue Coat Security Lab.
Researchers found criminals are poisoning the search results consumers receive when searching on Google, Bing, Yahoo and other search services — and at a rate four times more frequently than they are sending tainted links through e-mail.
The end game in each case is to get you to fall for scams or to infect and take control of your PC. “Searching is at least as dangerous as going into your e-mail in-box and clicking on things,” says Chris Larsen, Blue Coat’s chief malware expert.
Crooks know that every minute of every day hundreds of millions of people worldwide use search engines “mentally predisposed to click on things because we’re exploring,” says Larsen. The bad guys may be turning to tainted search results because e-mail defenses have gotten tighter, and most people are on the lookout for suspicious messages, says Peter Cassidy, secretary general of the Anti-Phishing Working Group.
Sometimes the tainted Web links show up when users search for information about major news events or celebrities. But increasingly, they are also surfacing in search results for hundreds of mundane topics, such as recipes and sample letters, Larsen says.
Google and Microsoft, which supplies the search engine for Bing and Yahoo search services, are pouring resources into eradicating poisoned search results. “A combination of automated and manual processes helps us respond quickly to evolving threats and stay a step ahead,” says Matt Cutts, who heads up Google’s “Webspam” team.
Even so, attacks continue to get through. In 2011, 26 million new samples of malicious software were detected on the Internet. And an estimated 39% of the world’s PCs are currently infected, according to the Anti-Phishing Working Group.
Poisoned search results add to the mix of bad things lurking on the Internet. Consumers can protect themselves by being wary of certain Web address endings. As a rule, it is wise to avoid clicking on links that include “.ru” (Russia) or “.cn” (China) in the address line, since attacks often originate from those nations.