Recession Spurs Search Engine Spammers

spam pageSearch engine spam has resurfaced with a new twist. This time, the email message focuses on the recession, and provides a link to a search engine.

But unlike the spam message reported by MessageLabs Intelligence in January 2008, this message does not use an automatic redirect link, nor does it search for keywords in hopes that the spammer's site appears in the first listing of the search query. Instead, it searches for the spammer's domain.

The technique allows spammers to include a link in the email constructed from a search engine query. Eliminating the URL in the body of the email message makes it difficult for anti-spam applications to detect. Plus, the link leads the person to the spammer's Web site.

"The spammers use the search engine similar to a landing page," said Paul Wood, MessageLabs intelligence analyst, Symantec. "This time, spammers relying on the search engine are not indexing the site, which is quite different from how they did it in the past."

Last year, MessageLabs, a division of antivirus software maker Symantec, reported that search engine spam rose to 17% of all spam in January 2008, making this a trend to watch as the recession continues to impact businesses this year. The good news is spam declined 1.3% to 73.3% in February 2009, sequentially. Malware-infected emails in the same month also declined, by 0.06% to one in 309.4.

The bad news is that this technique to direct people from search engines to annoying domains that sell fake Gucci watches and purses could become more than an annoyance. The spam emails could easily send people to sites hiding Web-based malware.

And by the time the searcher reaches the infected site it would be too late. The search engine would need to catch the malicious code before directing the searcher to the site. Sometimes it only takes a click to download a piece of infected code from a botnet, Wood said.

Aside from spam emails and search engine redirects, another trend to watch focuses on CAPTCHAs, the safeguard aimed at reducing spam that Web sites rely on to differentiate between computers and humans. The spammers take the provided image, analyze, and spit out the results, feeding the information back to the Web site to create fake accounts for social networking sites, for example.

Wood expects to see new forms of CAPTCHAs that include animation or questions. For example, an image might show three dogs and a cat and ask the site visitor to choose the box that contains the like animals.

1 comment about "Recession Spurs Search Engine Spammers ".
Check to receive email when comments are posted.
  1. Tony Beg from software, May 11, 2009 at 6:52 a.m.

    Protection for your computer.
    Search-and-destroy Antispyware is one of the best options available when you are searching for protection for your computer that you can trust. I know because I have tried many different types of scans in the past and the biggest difference I have found between them is the price. I found the antispyware solution from Search-and-destroy to be a great option that is affordable and easy to use. Visit http://www.Search-and-destroy.com to learn more about this scan and what it can do for you. If you are like me, you will be glad that you took the time to check it out.

Next story loading loading..