Scam artists hawking “scareware” products -- which make you think you have a virus when you don't -- are increasingly use what's called Search Engine Optimization (SEO) poisoning attacks.
They do it by manipulating search engine results to make their links appear higher on the search page than legitimate results.
You see it a lot around holidays like Easter, when scammers know that there will be a lot of computer users searching using terms like “Easter egg,” “chocolate,” and “bunny.” When an unsuspecting user clicks on one of these “poison” links, they get a phony message like those below warning them of a virus and encouraging them to purchase and download supposed security software.
Those who fall for it not only throw away money on a product they don't need and that may not even work. They also give criminals access to their credit card and download malware onto their computer.
Fraser Howard, an anti-virus specialist at Sophos Security reports an increasing number of the SEO attacks in recent week, as Easter approaches. He notes that most people fall for this scam.
“The reason why SEO attacks are successful, is that all of us tend to trust search engine results,” Howard writes in his blog. “ After searching for something we happily click any of the links high up in the first page of results.”
Howard suggests we all be a little more discriminating and a lot more careful about what we click on. Before clicking, look at the URL. This might not always help, but if the domain name doesn't come anywhere close to the subject you were searching, it should be a red flag.
Many reputable anti-virus products block the viruses distributed through "black hat" SEO but cautious humans are still the best defense. If you see a security "warning" like the ones pictured on this page, don't click on it. Close your browser immediately and start a new session.