Top search results riddled with malware

Almost 14 per cent of searches for popular terms lead to malware sites or links

Internet users are being lulled into a false sense of security by search results, and may click on links that are popular but infected with malware, according to a new report from Websense.

The security firm said in its latest State of Internet Security report that malware writers upped their efforts to get noticed late last year, and are manipulating search results to drive traffic in their direction.

Almost 14 per cent of searches for current "buzz words", such as celebrities or current events, lead to malware sites or links, the report said.

More worrying is the finding that 71 per cent of pages found to be infected were legitimate sites that had been poisoned in some way. Websense reported growth of 225 per cent in malicious web sites over the second half of last year.

Web 2.0 sites also proved popular with malware writers. Websense said that 95 per cent of comments on blogs were spam or led to malicious pages. Spam managed to swallow up all but 14 per cent of email traffic.

The growth in spam has much to do with the number of email accounts being stolen, and their details posted online, according to the report. Websense said that tens of thousands of Hotmail, Gmail and Yahoo accounts had been hacked in this way.

"Malicious hackers are really focusing their efforts to ensure they're driving their victims straight to them," said Websense chief technology officer Dan Hubbard.

"By poisoning search results and focusing on Web 2.0 sites, their efforts are often more efficient and effective.

"The blended nature of today's threats, combined with compromised legitimate sites, takes full advantage of an increased perception of trust when using search engines and interacting with friends or acquaintances online."