Global IT vendor Panda Security reports that hackers are creating 57 000 new Web addresses every week. They position and index these fake pages on leading search engines in the hope that unwary users will click them by mistake. Those who do will see their computers infected or any data they enter on these pages fall into the hands of criminals. These cyber criminals also use around 375 international company brands and names as lures.
eBay, Western Union and Visa top the rankings of the most frequently used keywords; followed by Amazon, Bank of America, PayPal and the US revenue service.
These are the conclusions of a study carried out by PandaLabs, Panda's anti-malware laboratory, which has monitored and analyzed all major Black Hat SEO attacks over the last three months.
According to Panda, about 65% of these fake websites imitate banking pages. For the most part, they pose as banks in order to steal users' login credentials. Online stores and auction sites are also popular (27%), with eBay ranked as the most widely used. Other financial institutions (such as investment funds or stockbrokers) and government organizations occupy the third and fourth positions, with 2.3% and 1.9% respectively. Payment platforms, led by PayPal and ISPs are in fifth and sixth place, with gaming sites, topped by World of Warcraft, completing the ranking.
"In previous years malware or phishing was typically distributed via email", says Jeremy Matthews, head of Panda's sub-Saharan operations. "However, in 2009 and particularly 2010, hackers have opted for BHSEO techniques, which involve creating fake websites, using the names of famous brands, etc."
This way, when users search for these names, a link to the malicious website will appear among the first results returned. When they visit these sites, one of two things will happen: either malware will be downloaded onto the user's computer, with or without their knowledge, or the website spoofs the appearance of a genuine page, a bank say, and users will unwittingly enter their details which will fall into the hands of criminals.
The problem is that when users visit a website through search engines, it can be difficult to detect whether it is genuine or not. For this reason Panda advises everyone to go to banking sites or online stores by typing in the address in the browser, rather than using search engines.
"Although companies are making an effort to ease the situation by changing indexing algorithms, they cannot fully escape the avalanche of new Web addresses being created by hackers every day", concludes Matthews.
More information is available in the PandaLabs blog: www.pandalabs.com.
For more information about Panda, visit www.pandasecurity.com/.
