Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/30/2010
03:23 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

One In Three Top-Trending Search Topics Return Malicious Results, Finds Norton Study

To counter these SEO poisoned threats, Norton has introduced Norton Safe Web Lite

MOUNTAIN VIEW, Calif., July 29/PRNewswire-FirstCall/ -- According to a new Norton study, more than one in three of the top-trending search terms returned at least 10 percent malicious results, putting people's computers and personal information at risk from cybercrime. It turns out that between February and May, searching for "tropical dreams sweepstakes" could actually have been a nightmare, and searching for "red hot laugh riot" could have been anything but funny. At the peak of their popularity, these two particular search terms returned a staggering 99 malicious links out of the first 100 results.

This week, celebrity news, online gaming and diseases were among the most poisoned top-trending topics, with terms such as "constance francesca hilton," "atomic dove" and "melorheostosis" returning more than 45 percent malicious links out of the first 100 results.

To counter these search engine optimization (SEO) poisoned threats, Norton has introduced Norton Safe Web Lite, a free downloadable tool that identifies risky sites before users click on them in search results. Once downloaded from http://safeweb.norton.com/lite, Norton Safe Web Lite is accessible as a small toolbar within either Internet Explorer or Mozilla Firefox. The free toolbar is powered by Norton Safe Web site-rating technology, which is included in Norton Internet Security and Norton 360. Catching risky results before clicking through is critical because nearly 60 percent of unsafe sites identified by Norton Safe Web are found to contain drive-by downloads - threats that can infect a PC without requiring the user to download or install files.

Additionally, the Norton Safe Web scanner for Facebook, which is also free, now offers a convenient "Enable Auto-Scan" option to identify any malicious links on users' news feeds. The Norton Safe Web scanner for Facebook is available at http://apps.facebook.com/nortonsafeweb.

"Cybercriminals are always looking for the next opportunity to find victims, as evidenced by the high volume of SEO poisoning. Unfortunately for consumers, simply searching for a popular topic and clicking on a poisoned link can have serious consequences," said Jens Meggers, vice president of engineering, Norton. "Consumers need to arm themselves with tools like Norton Safe Web Lite that are specifically designed to defend against these types of threats."

The Norton study monitored a major search engine's top 300 trending search terms and analyzed the top 30,000 search results daily for SEO poisoning over a three-month period, between February and May 2010. The search topics ran the gamut from sporting events to song lyrics to breaking news on criminal cases. Using unethical techniques to "game" search engine algorithms, hackers are poisoning search results, taking advantage of spikes in a topic's popularity to redirect computer users to misleading applications such as fake antivirus scanners. Some days, more than 250 of the top 300 daily search terms returned more than 10 percent malicious links within the first 100 results. Clicking on these poisoned search results could infect a user's PC and result in exposing personal information to cybercriminals.

About Norton Safe Web Lite

Norton Safe Web Lite is a free website rating tool designed to let users surf, search and shop online safely. Norton Safe Web servers crawl millions of websites and use signature-based file scanning, intrusion detection engines, behavioral detection and analysis to identify potentially dangerous sites directly from searches via a browser toolbar. The Norton Safe Web Lite toolbar is available for Windows XP, Windows 7 and Windows Vista users in English only, and works on Internet Explorer 6.0 or higher and Mozilla Firefox 3.0 or higher. All current users of Norton 360 or Norton Internet Security already receive a full-featured Norton toolbar as part of their subscription, which in addition to Norton Safe Web rating technology also provides built-in real-time antiphishing protection and Identity Safe, which helps manage logins and passwords.

About Norton From Symantec

Symantec's Norton products protect consumers from traditional threats with antivirus, anti-spyware and phishing protection, as well as bots, drive-by downloads and identity theft-- while also being light on system resources. The company also provides services such as online backup and PC tuneup, and is a trusted source for family online safety. Friend us on Facebook at www.facebook.com/norton and follow @NortonOnline on Twitter.

About Symantec

Symantec (Nasdaq: SYMC) is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.