Google has removed ads that appeared alongside Google search results and redirected users to malicious sites. But, according to security experts, the fix is temporary and search engine users should not assume sponsored links are all trustworthy.
“Search engines are just too easy a target for bad guys,” says Roger Thompson of Exploit Security Labs. On April 25, Exploit Prevention Labs reported that malware distributors were using advertisements placed via Google’s automated AdWords system to infect unsuspecting end-users with spyware designed to capture bank login user names and passwords.
Thompson says Google’s removal of the ads is a temporary fix and that Google and other search engines need to overhaul their automated advertising systems.
McAfee Data Confirms Risky Ad Trend
Separate research by security firm McAfee’s SiteAdvisor division, published in a December report, found that 8 percent of sponsored results from top search engines AOL, Ask.com, Google, MSN, and Yahoo can often lead to Web sites that contain spyware and scams, and are operated by people who love to send out spam.
SiteAdvisor reports that 0.13 percent of all links in major search engines’ results contain browser exploits. AOL and Ask.com, it reports, have a slightly higher number of dangerous links, with 0.17 percent linking to sites with browser exploits.
“Sponsored links are 2 to 4 times more likely to contain risky sites including those with exploits,” says Shane Keats, a McAfee research analyst.
The report also calls into question Google’s own interstitial warning page, which is designed to prevent Google users from visiting dangerous sites. SiteAdvisor says that in its tests Google warned consumers for only 18 percent of Google general search results containing browser exploits.
McAfee SiteAdvisor, it should be pointed out, sells a browser security toolbar SiteAdvisor Plus ($20) and also gives away a reduced feature version of the toolbar.
Latest Threat is New and Nasty
According to Thompson, the exploit found within Google’s sponsored links worked like this: when someone searched on Google for “BetterBusinessBureau”, for example, a list of sponsored links appeared alongside the search results. If someone clicked a booby-trapped sponsored link, the ad would redirect their browser through URLs that attempted to automatically download a virus program (MS06-014) onto their computer before passing them along to the actual site that was advertised.
Exploits buried in the normal search results (not sponsored) have long been a problem for search engines. The challenge scammers have had is getting their rigged sites and links seen within search results. By purchasing ads that appear at the top of search results scammers get the visibility they need to drive traffic to their exploited sites.
“People assume a level of trust when they visit a sponsored link,” Thompson says. He says that until search engines do more to vet the ads that are submitted, all bets are off as to a sponsored link’s legitimacy.
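Because the booby-trapped ads still delivered users to the advertised site, a review that only checks where an ad finally lands would pass them. The Python below is an added example, not code from the article, Google, or Exploit Prevention Labs: it vets a recorded click chain hop by hop, and the hostnames, function names, and two-label domain heuristic are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample: URLs a crawler recorded while following one sponsored
# link. Every hostname is a made-up placeholder, not taken from the article.
SAMPLE_CHAIN = [
    "https://ads.searchengine.example/click?id=123",   # ad network click URL
    "http://tracker.redirector.test/go?u=bbb",         # unexpected middle hop
    "http://www.advertised-site.example/",             # site the ad displays
]

def site(url):
    """Crude registrable domain: the last two labels of the host.
    Assumption for illustration; real vetting would use the Public Suffix List."""
    if "://" not in url:
        url = "//" + url          # let urlsplit parse bare display URLs
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def lands_on_advertiser(chain, display_url):
    """The weak check: only compares the final landing site to the ad text."""
    return bool(chain) and site(chain[-1]) == site(display_url)

def vet_click_chain(chain, display_url, ad_network_sites):
    """Return (hop index, url, reason) for every hop a reviewer should inspect."""
    allowed = set(ad_network_sites) | {site(display_url)}
    findings = []
    for i, url in enumerate(chain):
        if site(url) not in allowed:
            findings.append((i, url, "hop outside ad network and advertiser"))
    if not lands_on_advertiser(chain, display_url):
        findings.append((len(chain) - 1, chain[-1] if chain else "",
                         "final site differs from displayed URL"))
    return findings

if __name__ == "__main__":
    display = "www.advertised-site.example"
    print("final-site check passes:", lands_on_advertiser(SAMPLE_CHAIN, display))
    for hit in vet_click_chain(SAMPLE_CHAIN, display, {"searchengine.example"}):
        print("flag:", hit)
```

On the sample chain the final-site check passes, while the hop-by-hop check flags the middle redirect for review.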
To protect yourself you should consider downloading either XPL’s Linkscanner, Scandoo’s toolbar, or McAfee’s SiteAdvisor, all available in free versions.
Source: PC World – http://blogs.pcworld.com/staffblog/archives/004248.html