Last year, Google detected one trillion unique URLs on the Web at once. The vehicle that gets users to those places is search, but within those trillion URLs are a lot of dark alleyways that are home to attackers.
According to McAfee, some of the riskiest searches on the Internet today are associated with finding items for free-such as music or screensavers-or looking for work that can be done from home. In its new report, The Web’s Most Dangerous Search Terms, McAfee researchers lay out how hackers use search engine optimization to lure victims into downloading malware. The riskiest word of them all: screensavers.
“Like sharks smelling blood in the water, hackers will create related Web sites laden with adware and malware whenever a particular topic increases in popularity,” said Jeff Green, senior vice president of McAfee Product Development and Avert Labs, in a statement. “Unsuspecting consumers are then tricked into downloading malicious software that leads them to blindly hand over their personal assets to cybercriminals.”
McAfee researched more than 2,600 popular keywords, as defined by Google Zeitgeist and other sources. The words were ranked by maximum risk, which was determined by the maximum percentage of malicious sites a user would encounter on a single page of search results. According to the company, “screensavers” was found to be especially dangerous, garnering a maximum risk of 59.1 percent. The word “lyrics” came in second with a maximum risk factor of one in two.
Surprisingly, searches using the word Viagra-a word that makes its way into more than a few spam e-mails-yielded the fewest risky sites, McAfee reported.
Clicking on results that contain the word “free” brings a 21.3 percent chance of infecting your PC, according to McAfee’s calculations. Those interested in telecommuting don’t fare much better-results with the phrase “work from home” were found to be four times riskier than the average risk of all popular terms.
Security vendors have noted the trend of hackers poisoning search engine results a number of times this year, most recently with the Gumblar attacks. In that case, victims were infected with malware that, when the victim performed a subsequent Google search, replaced the results with links leading to malicious pages. In March, Symantec noted attackers were using sponsored search results on Yahoo to trick Web surfers into visiting a site selling fake anti-virus software.
“The use of malicious advertisements has been a problem,” Zulfikar Ramzan, technical director and architect for Symantec Security Technology and Response, said at the time. “I remember an incident almost three years ago that involved a malicious advertisement that itself contained the exploit code and that was displayed on a very popular Web site-it was estimated that over a million people encountered that advertisement.”