Search engines, including Google, do a relatively good job of scanning their index for potentially dangerous sites. Nevertheless, scanning does not detect all potentially dangerous sites – not even close.
According to Dasient, a Web Anti-malware developer – using a proprietary malware analysis platform, which gathers data on web-based malware attacks from across the web, they concluded that more than 560,000 Web sites, and 5.5 million pages, were infected with malware in the fourth quarter of 2009.
Keep in mind that these infected sites and pages have, in most cases, been indexed by search engines.
We should all be aware by now, that cybercriminals are masters at seizing opportunity, and in the current environment, Internet search engine results provide just that.
Consider this: if one were to poll a group of typical Internet users as to the safety and reliability of search engine results, including the pervasive ads that search engines sprout; there is little doubt that the answer would be positive.
This is an image of Google search results that link to malware infected sites, courtesy of Sunbelt Software.
Paradoxically, it’s because current anti-malware solutions are more effective than they have ever been in detecting worms and viruses, that we’re now faced with yet another form of insidious attack – the drive-by download, resident on many of these compromised sites.
Drive-by downloads, which don’t require user action to create an infection, are not new; they’ve been lurking around for years it seems, but they’ve become much more common, as these statistics indicate.
Given that search engine results can be manipulated in this way (see “Search Engine Results – Malware Heaven!” on this site), it’s reasonable to ask the question – why aren’t more typical Internet users aware of this situation?
The obvious answer is – search engines make little or no effort to educate their users in the risks involved in relying on search results, or advertisements, appearing in their applications.
As a consequence, the typical user I come into contact with believes search engine output to be untainted, and free of potential harmful exposure to malware.
Fact: Consumer confidence in the strength and reliability of search engine results, particularly ads, is seriously misplaced.
Fact: The ongoing failure to protect the Internet, which by definition is an open network, will continue to expose users to substantial penalties; ranging from productivity decreases, infrastructure compromise, to a failure in consumer confidence, and more.
I’ve said it before, and I’ll say it again – an argument can be made, that the Internet has turned into a playground for cyber-criminals.
So will search engine providers address the issues described in this article? Sure, but only when outraged consumers finally force them to. Great business model!!
To reduce the chances that you will be victimized by malicious search engine results, you should consider installing WOT, which in my view, is the best Internet browser protection available. WOT, a free browser add-on, is designed to warn you of unsafe, or malicious links.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.