Consumer Reports recently released its 2009 “State of the Net” survey and the numbers are alarming. One in five Americans who go online said they were victimized by cybercrooks during the past two years. The editors figure the bad guys got away with a staggering $8 billion dollars.
“Cybercrime is a huge organized crime business,” says Jeff Fox, technology editor at Consumer Reports. “It used to be isolated criminals or hackers. Now these are serious criminals who are making serious money this way.”
Hackers make their living stealing credit card numbers, bank account information or other personal data they can sell on the black market.
To make the most profit, they need to reach the biggest pool of potential victims. According to the security experts at McAfee, cybercriminals have started using popular search terms to direct people to their malicious sites.
In a new report, “The Web’s Most Dangerous Search Terms,” McAfee researchers conclude: “The scammers – from solo operators to organized criminals – have quickly realized that the same search engines that enable legitimate businesses to reach more consumers can also be used by criminals to separate more victims from more of their money.”
McAfee wanted to find out which search terms the scammers most often use to lure people to their sites. Analysts searched more than 2,600 of the most popular key words on various search engines and used the results to visit and examined more than 413,000 unique urls.
It turns out some of the riskiest searches involve free downloads: music, videos or screensavers. Research analyst Shane Keats, who co-wrote the report, tells me screensavers are “one of the primary delivery mechanisms for spyware and adware.”
If the search includes the word “screensaver” nearly six of the top 10 search results will contain malware.
You may be surprised to learn that “lyrics” is the single riskiest search term anywhere in the world. Click on results that contain the word lyrics and you have a 50-50 chance of infecting your computer. It seems a lot of people who download music or music videos want to know the words.
With so many people looking for jobs right now, searches that involve work-at-home opportunities are a prime target for Internet criminals. Not only are most of these sites outright scams, many of them are also used to compromise your computer.
Based on the McAfee report, search for “free work from home” or “work from home for free” and four of the top 10 results will be risky.
Howard Schmidt, an expert on Internet security, says there are two main ways the cyber-scammers do their dirty work using popular search terms.
They can create their own bogus Web site that looks completely legitimate, but is loaded with malware. Or they can hack and infect an existing site that has a security vulnerability.
“So whether your search takes you to a criminal site or a legitimate site that’s been hacked and used for criminal purposes, either way you get hammered,” Schmidt says.
Most malicious sites require the user to download something – a music file, video file or screensaver – to get infected. But if you land on what’s called a “drive-by” site, you don’t have to do anything to get bitten.
It happened to friend of mine last week. Sherri was on an entertainment site when she got “a strange message” telling her to reboot. The next day when she tried to log on to her bank account, her password wouldn’t work.
She was automatically redirected to a page that looked official – bank name and logo everywhere. It asked for all sorts of personal information to validate her account, just the sort of information identity thieves want. Luckily, Sherri didn’t fall for the scam.
Spyware plagues computer users. Consumer Reports says spyware infections forced 545,000 U.S. households to replace their computers in the past six months.
How to protect yourself
On the Internet, it’s really hard to distinguish the safe from the dangerous. So you need to take precautions.
- Use protection: You need to have good security software that updates automatically every day. Consumer Reports says about 20% of the households it contacted for the 2009 State of the Net survey did not have an antivirus program. That’s just asking for trouble. For its July issue, the editors found some excellent security programs that are free.
- Download from known sites: If you want music, go to a reputable on-line music store. For program downloads, go to CNET, PC World or MacLife.
- Use a safe search plug-in: The latest Web browsers are designed to block and warn you about potentially unsafe sites. There are various free security toolbars you can download for extra protection, such asMcAfee’s free SiteAdvisor. You’ll find many other tool bars on the Anti-Phishing Working Group web site.
I asked technology expert Steve Bass, who writes the free weekly newsletter “TechBite Technology” which toolbars he recommends. Bass likes Web of Trust, a free add-on for Internet Explorer and Firefox.
He also likes Ad Muncher ($30 after 30-day trial). Bass calls it “the most effective and simple-to-use tool I’ve ever used.”
The bottom line
You don’t need to be afraid to go on the Internet. You sure do need to be careful because the bad guys are targeting YOU. And they’re getting better at it all the time.