Search engines lead to fake anti-virus

Criminals can earn thousands of pounds redirecting surfers to fake anti-virus software sites, according to security vendor Finjan.

Using search engine optimisation (SEO) techniques, criminals can direct surfers to sites that maliciously pop-up warnings that a PC is infected. The page would then offer anti-virus software for sale and download.

Criminals use SEO methods, such as focusing on popular keywords, to get their compromised pages in the top search results. This would mean that users searching for popular keywords on search engines would be directed to the malicious pages, therefore increasing traffic.

Finjan said it was able to access traffic management servers controlled by cybercriminals, and found that the SEO targeting technique lead to half a million Google searches to compromised sites.

The report said: "The secret of its success is the fact that the use of such an SEO technique increases the infection volume dramatically.

"In comparison, if cybercriminals would focus on simply attacking one large site, the breach would quite likely be detected and fixed before similar numbers could be reached."

Finjan found that 1.8 million unique users were redirected to the fake anti-virus software during 16 days.