By Candid Wueest
In January we pointed out that cyber criminals took advantage of the large interest in the super bowl 2010 to lure unknowing people to their malicious sites. The most common method is to modify search results rankings of popular search engines and push specially crafted websites to the top.
Just recently we saw the same scheme used again, this time feeding off the film industry’s Academy Awards. Searching for keywords like “Oscar winner 2010” or “best actress winner 2010” resulted in up to nine malicious websites being returned in the top 10 hits (see screenshot below).
From this it is clear that the only winners are the attackers. Also, as if poisoned search engines are not be enough, we’re seeing similar attacks on major social networking sites like Twitter as well. Popular search terms are hijacked and fake messages are generated containing shortened URLs pointing to malicious websites.
One thing is certain – we can be sure that similar schemes will target the 2010 World Cup when it kicks off in June. Users need to be especially on the alert for high interest stories like a rank outsider toppling one of the favourites or questionable decisions from referees.
People are hungry for news and just clicking on a link seems so innocent. Unfortunately, clicking on a dubious link can be all it needs to infect your system with malware.
So, whatever you do stay vigilant. Use common sense while browsing the web. Ensure that your system is up to date with patches and that your security software is running at all times.