Mar 23, 2011 10:20 GMT  ·  By

Security researchers from GFI Software warn that black hat SEO attacks poisoning search results related to Easter have already begun, even though the holiday is still a month away.

The rogue links were spotted when searching for Easter printable cards and most of them pointed to domains in the .pl zone.

Black hat SEO attacks leverage the PageRank of compromised legit websites by using them to host so called doorway pages.

A doorway page appears filled with relevant content and keywords to search engine crawlers, but redirect real users to malicious sites.

In this case, like with most black hat SEO campaigns, the rogue search results lead users to scareware distribution pages.

These are sites that display fake security alerts claiming people's computers are infected with malware in an attempt to trick them to download fake antivirus products, also known as rogueware.

These programs prompt users with even more warnings in order to convince them to pay for useless licenses and also abuse their credit card information.

The printable cards keyword combination seems to be a common target for search result poisoning campaigns, especially those related to holidays.

Security researchers expect the frequency of scams and attacks targeting Easter to increase significantly as the holiday approaches.

Users are advised to exercise increased caution when searching the Internet and surf the Web with an up-to-date antivirus program installed.

There are also free products designed to protect against exactly this type of attacks. For example, the M86 SecureBrowsing add-on available for Internet Explorer and Firefox, scans links in search results in real time and displays a safety mark next to each one.

Other security products like Malwarebytes' Anti-Malware are particularly good at detecting and cleaning scareware threats in case of infection.