14 DAY TRIAL // Security researchers warn of a new black hat search engine optimization (BHSEO) campaign, which poisons search results for free printable holiday cards with malicious links.
With the holiday season approaching, people are increasingly scouring the Internet for ideas of greeting cards they can send to their family and friends.
Malware distributors know this and, as always, are ready to take advantage of it in order to infect users with their malicious creations.
In order to do this, malicious websites are pushed at the top of search results for particular keywords by artificially increasing their Google PageRank.
Security researchers from GFI Sunbelt warn that keyword combinations of free, greeting cards, print, Hanukkah or Christmas, currently have a high chance of leading to scareware pages.
These pages mimic antivirus scans and falsely warn victims that thier computers are infected. The sites normally offer an alleged security program for download.
This software is malicious and installing it will cause even more bogus alerts about fictitious infections to be displayed. The purpose of these applications is to scare users into buying licenses.
People who fall for the scam, not only part with their money, buy have a high chance of compromising their credit card details in the process and exposing themeselves to even more abuse.
Scareware, also known as rogueware, has plagued the Internet for years and it's amazing that after so much time a significant number of users continue to be affected by such threats.
The distribution of scareware is an important part of the underground economy and in addition to BHSEO, scareware pushers pay botnet runners to deploy their software on as many computers as possible.
Users are strongly encouraged to avoid downloading files, especially executable ones, from websites claiming that they are infected and offering them solutions.
"To avoid poisoned links in a search engine you should beware of: sites that appear a number of times in the list of search engine hits, all showing the same phrases, [and] URLs that are made up of random alpha numerical characters and meaningless," Sunbelt researcher Tom Kelchner, advises.