Blackhat SEO is a popular tactic for malware peddlers to distribute their wares to unsuspecting victims, and the weeks before major holidays are always a perfect time for poisoning search results for search terms tied to them.
Easter is a couple of days away, and since gifting chocolate Easter eggs and thematically decorating homes is a big part of the celebration, it’s no wonder that the results for typically innocuous search terms like “chocolate”, “easter eggs” or “decorating tips easter secrets” include malicious ones.
According to Sophos, when those last two search terms are combined, the very first result leads users to be infected with a fake AV variant by the name of “Windows Care Taker”:
The malware feigns to have discovered a massive infection, and in order to clean the computer asks the victim to purchase the full version:
“The reason why SEO attacks are successful, is that all of us tend to trust search engine results,” says Sophos’ Fraser Howard.
To prevent bad things to result from this tendency, he advises installing a reputable security product; using plug-ins that hide or modify the referrer that tells the page that one has landed on it via a search engine; and looking critically at the URL of the page before clicking on it, as most of the time the domain looks completely unrelated to the topic.