Symantec warns of rigged Google search links

Advanced search options lead clickers straight to junk sites.

Spammers have found a novel use for Google's advanced search options and 'I'm Feeling Lucky' function, using a combination of website setup and custom searches to create genuine Google search links which will lead directly to their sites.

VB100

Spams have been spotted by researchers at Symantec containing links to the Google search engine, with complex search details appended, including 'inurl' and 'intext' information which guarantee the search will turn up a 'googlewhack', a single page return. The links also carry data indicating the use of the 'I'm Feeling Lucky' button, which leads from searches to a random - or this case less than random - page from the outputted results. The examples seen lead to replica watch and jewellery sites.

More details and examples are at the Symantec blog here.

06 November 2007

Tags: google, social engineering, spam.    del.icio.us  digg this! digg this

Poll

Will the current banking crisis lead to an increase in phishing attacks?
Yes
No
I don't know

Leave a comment
Jobs Career Sidebar

Malware Prevalence

NetSky |#################|
Agent |##############|
Zbot |#########|
Bifrose/Pakes |########|
Mytob |#######|
 View this month's full report
Virus Bulletin currently has 137,981 registered users.