Web News

 

Black Hat SEO Scams Hit Skype

After flooding various social media sites and online communities, black hat search engine optimization (SEO) proponents have started using Skype, a leading VoIP provider, as a channel to spread scareware to unsuspecting users.

Scareware scams had previously spread through malicious online ads, false search engine results, Facebook messages, and contaminated websites. They usually come in the form of fake anti-virus software scans prompting people to follow links in order to clean up their files.

Panda Security, a leading IT provider, says personal Skype accounts have become a popular target for scareware messages. Security researcher Sean Paul Correll says the latest guise is a scam message sent to random users, prompting them to follow malicious links.

The messages appear to come from an account named “Online Notification,” which claims to have detected an infection on the user's computer. A link for “more information” appears on the message, which leads the user to a fake antivirus scan. The scan then reveals a host of malware applications to scare users into buying a fake clean-up utility software.

Panda has detected one strain of the scareware which disables all the applications on the user's computer, except for the program itself and a browser where the user can make the purchase. The scareware's full version reactivates all the applications once the payment is made.

Black hat SEO remains the most common tactic for spreading scareware. Often using popular keywords to propel sites to the top of search engines, they usually attack mainstream websites by posting dozens of links on related subjects to increase user traffic.

Tainted search results mostly affect users who find them from Google, as direct visitors are not redirected to scareware download sites. Google has come out with a custom search page, anti-malvertising.com, which helps users of ad networks track down attempts at black hat SEO and malware distribution.