Safety First When Searching the Internet

As always you must be careful what you click on when searching on search engines like Google, Yahoo and Bing. The  cybercrime community is lurking for you.

It has been found that earlier this year, that poisoned search engine results remain the number one malware threat on the Web. They account for a full 40 percent of all cyberattacks in 2011. The popular bait-and-switch tactic is nearly four times more likely to snag unsuspecting users than the once common spam email approach. People have gotten wiser to the email phish scams and they now only account for 11 percent of attacks. Social networking sites like Facebook, Myspace, Google Plus and others rounds out the top three threats with 6.5 percent.

Searching the web is as dangerous as going into your email inbox and clicking on links in your emails.

This is how it works, the scammers set up bogus websites, and theme them using terms that are likely to show up in search engine results. When the unsuspecting user clicks on a poisoned result in their search engine, thinking they are going to a legitimate website which was pertinate to their search, they end up landing on a site designed by the phishers to gather their financial information or get them to download a piece of malware or otherwise fall victim to whatever scam they are running. In many cases, users don’t even know they have been victimized until their information has been stolen.

Unfortunately poisoned search results are far from rare. There were 26 million new malware samples reported in 2011, according to the Anti-Phishing Working Group, and nearly 40 percent of the world’s computers are thought to be infected.   So what can you do to protect yourself from the risks of poisoned search results? Awareness is the key, as is a basic understanding of what legitimate Web addresses look like.   Scan the site description — Google and Bing display two lines of description text, alongside their text search results. This can provide clues to the site’s information. Look for odd text or broken language like it was mashed up by a computer, because the sites are typically written by computer or someone who is using a text translator   Check out the domain name to see if it one you’ve heard of. Does it seem to have something to do with the topic you were searching for? If not, move on and don’t click it, or you can use Google’s preview feature, where text-search results have a little button to the right. If you hover your mouse on it, it will display an image of the page. This lets you see if the page looks legitimate.   Is it a .com, .net, .org these are good top level domains and typically a legit business owns them. There are also many others such as .tv, .cc .co but usually the aforemention domains are the ones you want to look for.   It’s always important to protect your computer with antivirus and antimalware software, which will block many of the malicious infrastructures that run search engine poisoning attacks. ZoneAlarm anti-ransomware  is a good free one.

With millions of users clicking on Google, Yahoo and Bing search results every day, eventually someone is going to slip up and visit a malware site. It’s the sheer scale of search engine traffic that attracts the scammers. They seem to prefer to target searches to terms that are more niche. Getting ranked high in the search engine is not easy task especially for competitive keywords. This is why legitimate companies hire internet marketing firms like to get a better chance of showing up at the top of the search results page. So the scammers work on easy terms to rank for and people don’t expect poisoned search results when looking for obscure search terms, so their guard is down and they are more likely to click on the result and something on the site.