In the past we have already covered how attackers are using SEO (Search Engine Optimization) poisoning techniques to modify the results obtained from search engines, mainly Google, to point to malicious web sites or accomplish other malicious activities, for example, vishing attacks or IFRAME SEO attacks.

Recently we got details about two active SEO poisoning attacks for two specific hot topics:

•  A new Facebook unnamed app. Sample search term: "facebook unnamed app".
• Today's Apple tablet announcement, called iPad. Sample search term: "apple tablet announcement".

The related search terms for these two hot topics in Google are returning top results pointing to sites that distribute malware.

Apart from the common defense-in-depth practices regarding client and end point protection, one of the best recommendations is to demonstrate this type of attack on your security awareness programs, so that users do not blindly trust any output they get from search engines.

--
Raul Siles (www.raulsiles.com)
Taddong is comming soon...