Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/1/2009
01:32 PM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

Danger! Search Engines At Work!

Some search terms and categories are more dangerous than others, and likelier to lead to malware according to a new report from McAfee. Among the most dangerous current category and term? Lyrics, of all things.

Some search terms and categories are more dangerous than others, and likelier to lead to malware according to a new report from McAfee. Among the most dangerous current category and term? Lyrics, of all things.McAfee's ranking of danger words and categories is based on the percentage of malware sites found among the search results. As has been pointed out with some frequency, cybercrooks keep up with the headlines as well with shifting interests, reflected in frequently used search terms, often combining the two.

The economy, for instance, and the need or hope for additional income produced these risk level results, according to McAfee:

Free work from home 40.0% Work from home for free 40.0% Work from home free 40.0% Work from home ideas 25.0% Free work from home jobs 20.0%

"Free" in other contexts than work from home, top of the list, but so is "word unscrambler."

Theoretical or policy-related interest in the economy is sfaer than get-it-for-free concerns: "Economic crisis" carried a risk factor of under 4%, for instance.

"Lyrics" was the top pop category term of all, with more than 26% of returned links being malicious.

Because search is one of the most frequently used business functions (including by employees searching for non-business information while at work) it's worth reminding your people to be careful what they search for -- and what they look into among the results their searches return.

And if they're looking for word scrambled lyrics to songs to sing while searching for free work from home, well...

The complete McAfee report on The Web's Most Dangerous Search Terms is here.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/11/2021
Edge-DRsplash-10-edge-articles
Cybersecurity: What Is Truly Essential?
Joshua Goldfarb, Director of Product Management at F5,  5/12/2021
Commentary
3 Cybersecurity Myths to Bust
Etay Maor, Sr. Director Security Strategy at Cato Networks,  5/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18178
PUBLISHED: 2021-05-18
Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."
CVE-2020-20214
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVE-2020-20222
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20236
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
CVE-2020-20237
PUBLISHED: 2021-05-18
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.