Search-engine spam targeting popular news items

Cybercriminals are leveraging Haiti and Chile earthquakes and other recent news events to poison Internet searches, according to McAfee.

The earthquakes in Haiti and Chile, the Toyota recall, and Apple's iPad are just some of the search terms that cybercriminals are using to corrupt search-engine results, according to McAfee's first-quarter Threats Report released Tuesday.

Following a significant rise in search-engine spam last year, the bad guys are adopting the latest items in the news to trick search engines into indexing links that lead to malicious Web sites, the report says (PDF). Like other professionals, cybercriminals use analytics and page ranking to determine the most popular search terms to use to capture their victims, a trend that was prominent in the first quarter of the year.

But many other types of spam and malware also kept security vendors and users on their toes at the start of 2010. USB devices took center stage as the most common way of spreading malware, said McAfee. These infections are triggered by the "AutoRun" feature when a USB drive is plugged in, a popular strategy among cybercriminals due to the ubiquity of such portable devices.

One active category of malware for the first quarter was the AutoRun worm found on USB drives.
One active category of malware for the first quarter was the 'AutoRun' worm found on USB drives. McAfee

Password-stealing Trojans that grab bank account information were another common threat, with the current variations targeting users on Facebook . Scareware, or malware disguised as antivirus software, peaked during the third quarter of 2009 but remained at a high level during the first three months of 2010. As scareware tries to convince users to pony up money for the fake software, McAfee believes this threat may prove to be one of the costliest online scams in 2010.

Though down from their peak, scareware levels remain high.
Though down from their peak, scareware levels remain high. McAfee

After falling and rising last year, spam volume has grown to its levels from mid-2008, just before the takedown of the McColo spam host in November of that year, noted the report. Between January and March, an average of 139 billion spam messages bounced around the Internet each day, representing 89 percent of all e-mail traffic.

During the first quarter, the most popular type of junk mail was for pill and male-enhancement products, which made up more than 71 percent of all spam traffic. More generic types of offers accounted for 10 percent of spam, while e-mails pitching educational degrees and personal ads took up the slack at 2 percent of all spam traffic. During the quarter, China, South Korea, and Vietnam were responsible for the greatest amount of diploma spam, which tries to sell fake diplomas and other documents to help people find jobs.

Thailand, Romania, the Philippines, India, Indonesia, Colombia, Chile, and Brazil also saw a larger number of malware and spam attacks for the quarter, which McAfee believes is due to a growth in Internet use combined with a lack of security knowledge in these regions.

The overall growth in malware did level off year-to-year in the first quarter of 2010, showing reduced numbers compared with the first quarters of 2009 and 2008. But McAfee still believes the total amount of malware for this year will at least be as high as it was in 2009.

About the author

Journalist, software trainer, and Web developer Lance Whitney writes columns and reviews for CNET, Computer Shopper, Microsoft TechNet, and other technology sites. His first book, "Windows 8 Five Minutes at a Time," was published by Wiley & Sons in November 2012.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)
Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)
CNET's 15 favorite How Tos of 2014
CNET's 15 most popular How Tos of 2014