Search Engine Spam Comes with a New Twist

    February 24, 2009
    Chris Crum

For the first time in over a year, spammers are using popular search engine links to disguise malicious web addresses according to Symantec’s MessageLabs. In February, users have been targeted with the promise of good deals and cheap goods as they struggle through the economic crisis.

Search Engine Spam

Such spam messages contain text like:

– "Money is tight, times are hard."

– "Get 15% off these"

– "Cheaper than you could imagine"

"This resurgence of search engine spam comes with a new twist: they are email messages which include links to a major well-known search engine which searches for the spammer’s domain – as opposed to automatically re-directing to the spam site as reported in January 2008 – in the hopes that the search engine has not indexed the target site," a MessageLabs spokesperson tells me.

"By hiding the search for their domain in a legitimate search engine query, spammers can send messages that go under the anti-spam radar," the spokesperson continues.  It is interesting to note that the method being employed by these spammers only works with one major search engine according to MessageLabs (though they are not at liberty to disclose which one that is).

Search engine spam accounted for 17% of all spam at its highest points last year. Given the current state of the economy, I’d say we can expect quite a bit more of the money-saving-based attacks.