February 25, 2010

The New 'Google Search' Scam

The New 'Google Search' Scam
Lee Gomes, 02.24.10, 6:00 AM ET

Small and medium-sized businesses depend on the Web perhaps as much as anyone. They thus need to be mindful of the ever-evolving roster of Web scams--like a new one involving news.

Most people know that search engines like Google are useful for quick research on topics in the news. Unfortunately, the bad guys aren't far behind.

A search for "Bill Clinton heart attack" performed last Sunday produced the expected Google links about the former president's recent heart stent procedure. There were stories from the Los Angeles Times and ABC News, along with links to sites devoted to fighting heart disease.

However, it wasn't all what it seemed. If you clicked on the 10th item on the Google page, headlined "Bill Clinton heart attack," you were directed to another page of what appeared to be even more helpful Google results. Everything about the page--the typeface, the design--was authentic. If you looked quickly in the URL bar at the top of the page, you'd find what you might think was conclusive evidence of it being a legitimate Google page, since the URL seemed to be "googlesearches.com."

But in fact the URL had a "q," not a "g," as its first letter. The two letters look enough alike that only the most eagle-eyed would have ever noticed.

And what was this imposter Google page up to? The usual Web scams, notably, trying to get users to download bogus "security" software that in fact infects your computer with sundry malware that can be difficult and expensive to get rid of.

Creating a Web site called "qooglesearches.com"--another of this ilk is "qoogle.com"--is a variation of a practice known as "typo-squatting." In its classic form, someone registers a domain that is close in spelling to a real one. When Web users inadvertently typed the wrong URL, they're directed to the typo-squatter's site, where they'd realize their mistake on account of all the ads and other attempts at easy monetization.

But typo-squatters appear to be doing two things new. First, they are trying to fool you into thinking you've landed on the Web page you wanted to go to in the first place. Second, they are using tricks of "black hat" search engine optimization to get the links to their scam sites included in genuine Google search results.

You are not entirely defenseless against this type of Web con, though you need to be on your toes. In the original list of Google "Bill Clinton heart attack" search results, the listing that sent users to the fake Google page had spam-style nonsense words instead of the usual Web page summary. (The actual text was "If you glistening a conch footlights with unidentified tapiridae yellowtail, verner are that you bill clinton heart attack hereditary to get assault for use ..." And the green URL link under that text was for something called NewLifeClothing, which is apparently a legitimate maternity clothing operation whose computers had been compromised to run the scam. But if you weren't paying attention, and instead were just clicking on the Google links as they tumbled down the page, you could very easily have missed both clues.

Google has a small army fighting these sorts of Web scams, but the scams change almost on an hour-by-hour basis. Indeed, throughout last Sunday afternoon, the bogus link sent users to different places as the day wore on.

There are any number of typo-squatter names associated with Google; most of them are owned by MarkMonitor, a company that patrols URLs on behalf of clients to prevent these scams from happening.

MarkMonitor, for example, owns "googlesearches.com," and when that URL is typed into a browser, the result is an empty page. But the company hadn't until Monday heard of the Google-themed URLs beginning with a "q."

Te Smith, spokesperson for MarkMonitor, says the scam was particularly insidious because "unless you have very sharp eyes, you will just continue blithely on."

What's the moral? Web users need to surf defensively in the same way they drive defensively on the freeway. As Smith put it, "Think before you click, and keep your eyes open."

Source: http://www.forbes.com


No comments:

Post a Comment

Please Leave your valuable comments here. Thanks in Advance.


Spend time by reading assumes no liability for the accuracy or completeness of any of the information contained on this web site. Furthermore, spend time by reading neither assumes liability for the accuracy or completeness, nor endorses the contents of, any outside links from our web site. This information is provided as a public service for convenience purposes only. Reliance upon the accuracy or completeness of the information contained herein is at the user’s risk. Users are strongly encouraged to make every effort to verify the accuracy and/or completeness of the information before reliance thereon.