Scareware purveyors using Blackhat SEO to target Twilight movie fans

Scareware purveyors’ top target for today: Twilight fans using Google to search for show times, sound tracks and all things related to latest movie about young vampire lovers.

{Safety tip: If you see a suspicious virus scan or alert, the worst thing you can do is click on anything in the alert, even a “cancel” button. That’s because clicking on anything the bad guys present to you usually advances the scam. Instead, do a force quit: type “ctrl-alt-delete” to navigate to your task manager. Locate the application running the fake alert and force-quit it by clicking “end task.”}

Cyber criminals are using Black Hat SEO techniques to cause tainted web links to turn up high in the rankings of search results related to Twilight; the bad links trigger malicious programs that launch promos for fake antivirus protection, says PC Tools researcher Rommel Garcia.

Here’s how the scam works:

  • A fan uses Google to search for “Twilight Eclipse Release Date”
  • Tainted web links turn up ranked highly among the search results* The fan clicks on a malicious link
  • The fan’s web browser gets redirected to web site controlled by the scammers
  • A fake Windows security alert pops up indicating serious infections
  • The fan is duped into clicking “prevent attack”
  • The fan now gets taken down a path to purchase worthless clean up and protection.

Twilight fans should be “vigilant when visiting sites that appear in internet searches” even when the search results appear to point to legitimate web sites, says Garcia.

Scareware attacks like this are so slick because the bad guys make a ton of money. The FTC and FBI busted one gang that made $163 million duping one victim at a time to pay $30 to $70 for worthless cleanup and protection.

By Byron Acohido

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone