The Tech Herald

Malicious SEO targets Ford Motor Company

by Steve Ragan - Apr 14 2009, 17:30

Panda Labs is reporting the discovery of a new malicious SEO (search engine optimization) campaign that targets the Ford Motor Company. According to a posting on the Panda Labs blog, the company has discovered over a million links that lead to rogue anti-Virus applications, each of them related to a Ford-based keyword.

In the video below, Sean-Paul Correll from Panda explains the discovery in more detail.

Simple Ford-related terms are linking to a video, a favorite method of infection used by criminals, where an end user is asked to install a codec. Once the codec is installed, instead of the video playing, the user is prompted with Malware warnings from 'MS Antispyware 2009'. The rogue anti-Virus will gladly remove the “infections” for a small fee of only $79.99 USD -- Act now. Supplies are limited. Fake SSL order forms are standing by.

“This case is especially interesting because it’s one of the few SEO attacks that we have seen targeting a single, specific brand,” Correll wrote.

Malicious SEO campaigns are a hot ticket item for criminals who want to cover as many potential marks as possible. Popular keywords, often related to breaking news stories, social media, or household brands, are hijacked and pumped up to appear higher in search results. Someone clicking on one of the hijacked terms would be led to a malicious portal and have their system infected if they were not careful.

News related to the Conficker Worm, various Twitter issues, Facebook-related news and design applications, anti-Virus searches, medical information, and more, have all been used in the past to spread rogue anti-Virus applications.

The best way to avoid these malicious applications is to ensure that Adobe Flash and Shockwave, as well as other browser-added video players, are updated. As long as you get the updates from the vendor’s official Web site, and remember to never install the application from another source, the odds of being infected by the fake codecs are lowered considerably.

In addition, maintaining a legitimate and regularly updated anti-Virus program will prevent most of the codec attacks. The problem is that legitimate anti-Virus applications will not stop all codec attacks, so you have to pay attention to what you download. Previous testing performed by The Tech Herald on several legitimate anti-Virus security suites showed that most failed to stop rogue anti-Virus applications from installing.

However, almost all of them prevented secondary Malware from being installed on the system, which is a positive.
