CarltonFoster.com

“Hey, did you hear there’s a new voice mail from Tiger Woods?”

“What was that recipe for coconut cake?”

“My video isn’t playing properly, do I need new codecs?”

Simple, innocent questions like these can lead to not so innocent results… but why? There’s a term in search technology called Search Engine Optimization or SEO for those with lazy fingers. Search engine optimization (SEO) is the process of improving the volume or quality of traffic to a web site from search engines via “natural” or un-paid (“organic” or “algorithmic”) search results… like Google’s search algorithm, PageRank.

Here’s a quick peek at PageRank:

For a more detailed and explained breakdown:
http://en.wikipedia.org/wiki/PageRank

But I digress… how does all this turn into a user getting infected?

In recent years, hacker SEO tactics, also called spamdexing, attempt to redirect search results to particular target pages in a fashion that is against the search engines’ terms of service. Some of the tactics include: keyword stuffing, hidden text and links, doorway and cloaked pages, link farming and blog comment spam.

Criminals are using tools such as Google Trends to identify the most popular and current Internet search terms. The same criminals then use new blogs on free hosting sites, such as Windows Live Spaces, Blogspot, and AOL Journals, featuring the same search terms. When an Internet user then makes a search using those popular terms they get multiple links to these hosted blog sites in their search results.

If the user then clicks on the link, thinking it is relevant to their desired search, they are taken to a blog site with an apparent embedded video player. If the user clicks on the video player, they are prompted to load a ‘codec’, which surreptitiously loads malware, including fake anti-virus software that promises to clean non existent viruses from the computer in return for their credit card details.

Our advice is to not blindly trust results from Google searches, and be wary of these kinds of links to hosted blog sites. One simple way to assist in identifying possible bad sites is using the Firefox add-on Web Of Trust. While their primary source of knowledge is ratings from other users, they also take advantage of nearly a hundred carefully chosen trusted sources, such as listings of phishing sites. This provides WOT with a fast, automated and reliable means of protecting their users from new, rapidly spreading online threats.

You can find it here:
http://www.mywot.com/en/download/ff

And as always, if you find yourself the victim of such nefarious techniques, please call IT Security at x44200