Video: Royal engagement search results poisoned, warn security firms

Some search results related to the engagement of Prince William and Kate Middleton lead to rogue websites that offer fake anti-virus scans, security firm...

Some search results related to the engagement of Prince William and Kate Middleton lead to rogue websites that offer fake anti-virus scans, security firm Sophos has warned

"We've seen this trend before with hot news stories," said Graham Cluley, senior technology consultant at Sophos. "Cybercriminals take advantage of popular search terms to direct browsers to bogus security sites and trick them in to handing over credit card details, or into downloading further dangerous software on to their computers."

Scams of this type can be extremely successful at passing revenue quickly and directly into the hands of attackers, said Cluley.

The criminals convince the user that their machine is in danger so they are tricked into downloading bogus software. Once the computer is infected with fake anti-virus software, it will continue to bombard the user with warning messages encouraging them to pay for threats to be removed.

"People must not be distracted by the latest photo of the happy couple when clicking through to links," continued Cluley. "We all need to be on our guard when browsing unknown and untrustworthy sites."

Connected to the same attack method, Websense Security Labs have issued a warning about the Instant Previews service launched by Google last week.

The service allows users to see what a page looks like before going to it by clicking the magnifying glass next to Google search results, but with the bogus Royal engagement search results, the service showed a legitimate looking page, Websense warned.

"While this would at first appear to be a simple way to help you make an informed decision as to whether a link is malicious or not, our research shows that the images shown in Instant Previews aren't updated as frequently as you'd hope and there's is no guarantee that the user will land on the page shown in the preview," said Elad Sharf, senior researcher, Websense Security Labs.

"Taking a look at a known Black Hat SEO'd website from searches relating to Prince William's engagement this week, Instant Preview returns a very legitimate looking page, complete with pictures and relevant words.

To unsuspecting eyes, he said, the page displayed for the poisoned search results looks clean, but anyone clicking on the link would be directed to a malicious website.

Video demonstrating the attacks >>

This was last published in November 2010

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...