If you’re like most Americans, you delete emails that contain suspicious looking links, even if they come from a trusted source. A typical scenario is that a virus infects the computer of a friend or family member, and then starts churning out emails from the source computer in an attempt to spread the virus to other computers, including yours.
There are more sophisticated ways cyber crooks can strike your email inbox too, like phishing attacks. But as the public grows in awareness of these tactics, the bad guys have started to look at other options for spreading malware. Their favorite new venue, it turns out, is the search engine.
Cyber risks are not just for the personal computer, they are affecting businesses too. They are having to research options and build cyber risk management programs to protect their client’s information from these attacks.
We all use search engines to explore the web, and often don’t think twice about clicking links that appear near the top of the results. The cyber criminals are now capitalizing on our confidence that search result links are safe by “poisoning” them. Criminals target the most popular search key words to ensnare as many computers as possible.
According to USA Today, poisoned search result links are now four times more common than tainted email messages.
Poisoned search results can lead to various outcomes. For example, CBS Philly reports that one man clicked on what he thought was a legitimate search result, and his computer froze. A window popped up demanding he pay $60 for a program to erase a virus. His computer was inoperable until he paid the ransom.
But sometimes the user clicks a poisoned link and never knows it, because the infection happens in the background after the computer is directed to a nefarious web site that might appear harmless.
So how do you protect yourself? There are several things you can do. First, use common sense. If the address of a link looks unusual, don’t click it. Addresses ending in “.com” are safer than ones ending in “.cx” or “.tf”. Furthermore, avoid addresses that are hosted in other countries, ending with “.ru” (Russia) or “.cn” (China) or “.in” (India), for example.
Furthermore, if the description text below the link looks garbled or otherwise suspicious, don’t click the link.
You should also keep your antivirus software constantly updated, because new attacks are being plotted every day.
If your computer starts acting odd, or if for some other reason you suspect an infection, run a scan using your antivirus software. If that doesn’t solve the problem, then shut down your computer to avoid the potential for further infection and/or data extraction by the hacker, and seek an IT professional’s help.