Monday, March 02, 2009

Links conned, trusted networks targeted

Malware hackers are present where the masses collect: Google, Facebook and Twitter.


"McAfee researcher Craig Schumagar points to the recent Gmail outage as an example. When that happened, many were searching for the cause or solution to the problem, and Schumagar shows how a malicious link copying verbatim the top news source text as a snippet, shows up fourth in the search rankings, following highly recognizable and trusted sources like Google News, Digg.com, and Mashable".

A later research found that this domain was linked to other trendy topics: Sharon Stone at the Oscars, Extreme Makeover foreclosure, Nicky Hilton, IHOP all you can eat pancakes promotion.

In trying to reach more e-mail inboxes, spammers are taking advantage of users by masking links typically ousted by filters by using Google search links to the target site instead of the URL itself. Facebook has issues as well because the company doesn’t verify or approve third party applications. When allowing these applications friends are spammed with a “Error Check System” message, and searching the phrase leads them to similar scareware index-related peril. Twitterers are also affected by having dangerous sites submitted by people they follow. Scammers are using scripts to follow those who follow them automatically to build up their follow lists. In addition, Twitter doesn’t verify email addresses, making it easy for spammers to sign up.

Targeting trusted social networks and social applications by hackers may have two purposes.
  1. Abuse the trust users themselves place in them.
  2. Taking advantage of Search Engine Optimization. Scammers are likely arriving there by taking advantage of trusted sites to gain “trusted” links, largely upon which Google bases its results.

It really makes me feel vulnerable specially since I use all the online services mentioned and I really do trust their sites. Its time for them to get more aggressive in protecting their users. Its worrisome to think that scammers could replace good SEO.

Source: Google Trends, SEO Create Hacker Perfect Storm. By Jason Lee Miller.

No comments: