AfterDawn: Tech news

Google 'secure search' hits scareware peddlers

Written by James Delahunty @ 28 Nov 2011 7:03

Google 'secure search' hits scareware peddlers Changes to Google policies deprives criminals of much-needed search information.
In order to protect people on possibly vulnerable networks, such as Wi-Fi hotspots, Google changed its policies to automatically turn on secure searching for logged in users. Using SSL, search queries could no longer be easily captured by other devices on the same network.

Another change made by Google that didn't get as much attention was the removal of search terms used to reach websites from the HTTP referrer header. This only applies if using secure search, while the information is still there when using the default unencrypted HTTP search.

This change means that legitimate websites could no longer see the search terms used to eventually find content on their websites. Typically, such information would be used by legitimate websites to create more targeted content, or to probe the ever-changing interests of its target audience.



It was also used, however, by cyber criminals to figure out which search terms to target with Black Hat SEO techniques. Typically, gangs of cybercriminals who are peddling malware will setup many routes to the same scam website. Those 'routes' exist as other webpages that you can find on search engines that link or redirect to a malicious website.

Mining the HTTP referrer data means that they could identify which search terms were used to send the majority of people to their scam sites. They could then use Black Hat SEO to manipulate Google search results and gain even more victims.

If you are logged in to a Google service, such as GMail, then when you use Google Search, you will notice it is automatically secure. Considering the number of people that use Google services, you would expect the declining loads of referral search term information would hit the cyber criminals quite badly too, as they have less information on what search keywords to target.

According to web security firms, that is exactly what is happening. "When these sites receive visits from search engine visitors, they will have no idea what search sent them there," David Sancho, a senior threat researcher at Trend Micro, writes.

"They won't have a clear idea which search terms work and which don't, so they are essentially in the dark. This can have a lot of impact on the effectiveness of their poisoning activities. This is, of course, good for Google as their search lists are cleaner but it's also good for all users because they'll be less likely to click on bad links from Google."

Tags: Google
Previous Next  
Comments have been disabled for this article.

Latest news

Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19)
Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
Neato, the robot vacuum company, ends its operations Neato, the robot vacuum company, ends its operations (02 May 2023 3:38)
Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028.
5 user comments
How to Send Messages to Yourself on WhatsApp How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25)
The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. ....
18 user comments
How to Enable Bluetooth on Stadia Controller How to Enable Bluetooth on Stadia Controller (11 Feb 2023 1:04)
Google shut down its streaming game service Stadia late last month and this means that some people have Stadia controllers lying around that seem to be of no use. That is fortunately not the ....
2 user comments
Guide: How to Kick Unwanted Guests from Your Netflix Account Guide: How to Kick Unwanted Guests from Your Netflix Account (26 Jan 2023 2:14)
Sharing a Netflix account with a person in a different location is possible and indeed very common, although the company doesn't necessarily enjoy this behavior from their customers. However, ....

News archive