Online scammers hope to score on online World Cup enthusiasts

Exploiting Google SEO, cyber criminals are fooling soccer enthusiasts into downloading nasty malware

Avid football fans around the globe can't wait until World Cup kicks off in South Africa on June 11. As it turns out, neither can online scam artists, who have already jumped on pre-Cup anticipation to push out nasty malware.

According to a blog post by Sunbelt Software, scammers are using search engine optimization (SEO) to pump up links to sites for Google users looking for printable World Cup brackets. In fact, don't even search for "World Cup printable bracket" -- chances are Google will return a lot of SEO-tuned drive-by download sites.

[ Also on Fixing the Internet would we be easy -- if we tried. | The Web browser is your portal to the world -- as well as the conduit that lets in many security threats. InfoWorld's expert contributors show you how to secure your Web browsers in our Web Browser Security Deep Dive PDF guide. ]

SEO has become one of the most powerful tools in use by identity thieves, phishers, and other online scam artists, who follow Google's Trend rankings of hot search topics like a bunch of harried editors. Gulf oil spill, Tiger Woods, Bill Clinton's heart attack, swine flu -- no shift in the news cycle is too small to get noticed and used to entice victims to click on malicious links.

Thus, with queries about the World Cup now No. 5 on Google's list of top searches, it shouldn't be surprising that the attack sites are there to take advantage of the virtual crowds.

The question, as always, is what Google and the security world can do to stop the practice -- or at least give users the wherewithal to spot fraudulent sites. Security vendors such as McAfee, Symantec, and Cisco have invested heavily in Web security in recent years, buying hosted security outfits, including MessageLabs (and Mi5), MXLogic, and ScanSafe. Symantec's recent purchase of assets from VeriSign included a site-rating service that Symantec says it will invest in heavily.

But the lesson of recent attacks, including Google Aurora, is that even very fast -- yet reactive -- protections are doomed to fail when matched against nimble adversaries and fallible, all-too-human targets. The answer may be to mix it up, dropping Windows in favor of slimmer, more secure operating systems (as Google reportedly is toying with). The advent of alternative computing devices such as iPhone and now iPad may hasten that migration and provide more challenges and hurdles for attackers than the Windows and -- to a lesser extent -- IE monocultures currently do.

This article, "Online scammers hope to score on online World Cup enthusiasts," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog