Search engines serve up danger
We are slowly waking up to the problem of naive web trawling.
By Tom Spring, PC World.com | Published: 10:00, 02 June 2006
Who knew an innocent search for "screensavers" could be so dangerous? It may actually be the riskiest word to type into Google's search engine. Odds are, more than half of the links that Google returns take you to Web sites loaded with either spyware or adware. You might also face getting bombarded with spam if you register at one of those sites with your e-mail address.
A recently released study, co-authored by McAfee and anti-spyware activist Ben Edelman, found that sponsored results from top search engines AOL, Ask.com, Google, MSN, and Yahoo can often lead to Web sites that contain spyware and scams, and are operated by people who love to send out spam.
The study concluded that an average of 9 percent of sponsored results and 3 of organic search results link to questionable Web sites. The study was based on analysis of the first five pages of search results for each keyword tested.
According to the results of the study, the top four most dangerous searches on Google are:
- free screensavers: yielding 64 percent "dangerous" links
- bearshare: yielding 57 percent "dangerous" links
- screensavers: yielding 55 percent "dangerous" links
- winmx: yielding 51 percent "dangerous" links
The study defined dangerous sites as those that have one or a combination of the following characteristics: its downloads contain spyware and/or adware; its pages contain embedded code that performs browser exploits; the content is meant to deceive visitors in some way; it sends out inordinate amounts of spam to e-mail accounts registered at the site.
These results are a sobering wake-up call to Web surfers, and they illustrate the changing nature of Internet threats today. It used to be that most viruses and scams made their way to our PCs via our inboxes. But thanks to security software that's getting better at filtering out viruses, spam, and phishing attacks from our e-mail, rogue elements are having a difficult time booby-trapping our PCs.
"Scammers and spammers have clearly turned to search engines to practice their trade," says Shane Keats, market strategist for McAfee.
McAfee says that of the 1,394 popular keywords it typed into Google and AOL alone, 5 percent of the results returned links to dangerous Web sites. Overall, MSN search results had the lowest percentage of dangerous sites (3.9 percent) while Ask search results had the highest percentage (6.1 percent).
Given the study's findings, it shouldn't come as a big surprise that the company has a free tool, called McAfee SiteAdvisor, for tackling the problems. In my tests I found it does a great job of protecting you from the Web's dark side.
Since March McAfee has been offering a browser plug-in that works with Mozilla Firefox and Microsoft Internet Explorer. SiteAdvisor puts a little rectangular button in the bottom corner of the browser. If a site you're visiting is safe, the SiteAdvisor button stays green. When you visit a questionable Web site the button turns red or yellow (depending on the risk level) and a little balloon expands with details on why SiteAdvisor has rated the site as such.
SiteAdvisor ratings are based on threats that include software downloads loaded with adware or spyware, malicious code embedded in Web pages, phishing attempts and scams, and the amount of spam that a registered user gets.
SiteAdvisor takes it a step further with Google, MSN, and Yahoo. With these search engines, it puts a rating icon next to individual results. This is a great safety feature and time saver, steering you clear of dangerous sites before you make the mistake of clicking on a link.
For example, when the site Screensaver.com appeared in my Google search results, a red SiteAdvisor warning appeared next to it. When I hovered over the icon, it delivered stats on the site. According to SiteAdvisor, Screensaver.com offered a download that contained what some consider adware or spyware, and any e-mail address I used to register with the site would receive about 47 "spammy" e-mails a week.
In the past I've highly recommended anti-phishing toolbars that warn you of shady sites that try to trick you out of personal information under false pretences. But if you're looking to beef up your PC protection, I recommend using SiteAdvisor instead.
SiteAdvisor says it has preformed a security analysis of 3.3 million Web sites using an automated process. According to McAfee's Keats, SiteAdvisor collects these sites by constantly crawling the Web using hundreds of computers. Its analysis includes checks for deceptive sites and browser exploits. But SiteAdvisor goes a step further and downloads any software that a site may offer visitors, then checks it for spyware and adware. Keats says SiteAdvisor has reviewed over 725,000 software titles so far.
To evaluate spam levels, SiteAdvisor has registered a unique e-mail address at 2.5 million sites. It then weighs the volume of e-mail that each account gets and evaluates how spammy the messages are.
SiteAdvisor software calculates the risk that a site poses based on those criteria and assigns it either a green, yellow, or red label. A red site fails SiteAdvisor's safety tests because it either distributes adware, sends a high volume of spam, or makes unauthorized changes to your PC. Yellow sites send a high volume of "non-spammy" e-mail, display many pop-up ads, or prompt a user to change browser settings. Green sites are safe.