• BREAKING NEWS ABC shows live and on-demand -- Download the WATCH ABC app!

Experts warn of 'search-engine poisoning' computer schemes

February 4, 2013 12:00:00 AM PST
Most of us know these days to be cautious opening emails from someone we don't know, or not opening suspicious attachments. But now computer crooks have found a way to target us on search engines. Here's this cyber scheme works and what can you do to prevent it from happening.

Jim McGrath says his computer was recently held for ransom. While he was searching online, his PC froze and a warning popped up demanding he pay $60 for a program to get rid of a virus. McGrath tried for hours to get his computer un-frozen, but it would not function until he paid.

"I felt I was being scammed into buying a virus program that I didn't need because I already had virus programs, and I couldn't even run a scan on my own virus program," said McGrath.

Experts say McGrath was hit by a "ransom-ware" scheme, and it's just one way you could be attacked. Cyber-crooks are manipulating search engines so their "poisonous" or tainted Web links pop up in your results. And if you click on the malicious link, then malware or viruses can invade your computer.

"You will be infected and you won't even know it," said Chris Larsen, Blue Coat Computer Security.

Blue Coat's analysis found "search-engine poisoning" attacks mounting. And now computer users are three times more likely to get a tainted link from a search engine than in an email.

"People do trust the search engines and they are predisposed to click on whatever they see in the results, and because they're not aware that it could be dangerous, this turns out to be a very effective attack for the bad guys," said Larsen.

Blue Coat found bad guys don't only target people searching for top news stories or adult content. They may try to lure you to their links while you search common topics like health and medical information, samples of business and professional letters, and seasonal searches like holiday recipes, decorations and costume ideas.

To avoid poison links, look at website address endings: experts say "dot-coms" and "dot-nets" are usually safe. But if it ends in something you've never heard of, like "dot-cx" or "dot-tf" you may want to avoid those. And if the text under the link looks garbled don't click on it.

McGrath isn't sure what he clicked on to launch the ransom-ware. He removed the software from his PC.

Experts say if a link just doesn't seem right don't click on it. And of course, always make sure you have good up-to-date anti-virus and malware programs running on your computer.


Load Comments