Skip to content

Hackers hijack search results to trap you

by Neal O'Farrell on June 17th, 2010

It’s World Cup frenzy again (in case you missed it that’s the soccer World Cup, being played out in South Africa) and all over the world millions of web users, from die-hard fans to just the mildly curious, will be turning to search engines like Google for the latest news, scores, and rankings.

So too will hackers. Not so much because they’re fans of soccer, but because they’re fans of global news events that they can exploit. One of the most popular and dangerous tricks is called search engine or SEO hijacking – breaking into the boiler-rooms of the most popular search engines, and manipulating the system so that their malicious links and web pages show towards the top of search results.

Sounds complicated but it’s actually very simple. For some reason web users seem to automatically trust web pages that appear at the top of their search results. If hackers can inject their pages into the top results of a search on something like the World Cup, they can use those pages to redirect surfers to malicious web sites or trick them into downloading malicious software.

The strategy isn’t new, and hackers seem to turn to it every time a major news story captures the public interest. Before the World Cup, hackers were placing fake stories and web sites about the French tennis open to trap users, and before that the hurricane in Guatemala.

And of course the tragic BP oil spill in the Gulf is being used around the clock by hackers to feed fake stories and trap unwary users.

Lessons learned?

• Don’t assume that if something you search for appears at the top of your search results, it should be assumed to be legitimate. Always use caution.

• Consider using one of the many free browser security tools, like Finjan’s Secure Browsing, that will alert you about a suspicious web page before you click on it.

• Keep your anti-virus software constantly updated and your computer constantly patched. Many of these attacks exploit computers that have security holes or vulnerabilities left unpatched.

From → Uncategorized