Google’s top search terms are under attack from cybercriminals. In the last seven days, more than 284 top search terms have been attacked by more than 6600 malicious URLs according to SonicWALL data.
The threat team has found up to nine of the top 20 Google search terms are under attack at any one time. To help individuals defend against these types of threats, SonicWALL’s threat research team has identified certain search terms that have returned the greatest number of malicious sites and has developed several tips for combing through search terms.
“Cybercriminals use whatever is at their disposal to spread malware. In this instance they are launching attacks against Google’s top search terms that identify the most popular stories of the day,” said Deepen Desai, Lead Malware Researcher, SonicWALL.
“These criminals are now going after these top search terms using their knowledge to insert malware infected websites almost immediately after people show interest in a particular news site.”
Using social engineering tactics, cybercriminals are able to jump onto the latest news events ranking high on Hot Search to draw more traffic to their infected websites. Search Engine Optimisation (SEO) tactics are then used to make the websites show up higher in the search results, thus making it more likely that individuals will click on them. The counter offensive to remove these threats is on-going. However, some sites have remained within search results for a number of hours before being removed. Recent and topical infected searches include:
- A search on “elinor burkett” within a 24-hour period between March 8th and 9th presented 40 unique malicious URLs appearing in Google search’s top 30 results.
- A search on “the new tenants” on March 8th presented 56 unique malicious URLs appearing in Google search’s top 30 results.
SonicWALL suggests you remember the following tips when searching for a news event:
- Be diligent when clicking on the links that show up in search engine results. Be sure to look at the URL before you click on it. Quite often the legitimate sites show up with complete readable sentences in their description whereas the malicious sites show up with jumbled keywords.
- If you do click on a malicious website, quickly get out of it. Most of the malware found redirect to fake antivirus websites that pretend to discover malware on a computer and offers to sell antivirus software that will clean it up.
- Make sure that your antivirus is up to date. Use defence-in-depth by layering protection, having antivirus both on the gateway and the client.
- Steer clear of any kind of video codecs or protection software executables downloads prompted by most of these sites.
- Do not execute any files that come through e-mail attachments.
