Poison Links

(WFLX) - Most of us have the common sense these days to be cautious opening e-mails from someone we don't know or not open suspicious attachments.

But now, computer crooks have found a way to target us: on search engines.

Take the example of Jim McGrath. He says his computer was recently held for ransom!

While he was searching online, his PC "froze" and a warning popped up demanding he "pay $60 for a program to get rid of a virus".

Jim tried for hours to get his computer "un-frozen", but it would not function until he paid. "I felt I was being scammed into buying a virus program that I didn't need because I already had virus programs, and I couldn't even run a scan on my own virus program."

Experts say Jim was hit by a ransom-ware scheme, and it's just one way you could be attacked.

Cyber crooks are manipulating search engines so their "poisonous" or "tainted" Web links pop up in your results. If you click on the malicious link, malware or viruses can invade your computer.

"You will be infected and you won't even know it," said Chris Larsen of Blue Coat Security.

Blue Coat Computer Security's analysis found "search engine poisoning" attacks mounting, and now computer users are three times more likely to get a tainted link from a search engine than in an e-mail.

"People do trust the search engines, and they are predisposed to click on whatever they see in the results, and because they're not aware it could be dangerous this turns out to be a very effective attack for the bad guys," said Larsen.

Blue Coat found bad guys don't only target people searching for top news stories or adult content. They may try to lure you to their links while you search common topics like:

* Health and medical information
* Samples of business and professional letters
* Seasonal searches, like holiday recipes, decorations and costume ideas.

"Search engine algorithms have been designed partially to prevent cyber criminals from doing this kind of behavior," said Chris Boggs, a search engine marketing professional.

The search engine industry group "semp" says Web sites do fight back!

Google told us, "We've built and refined tools over many years to keep malicious content out of our search results."

Bing says, "We are actively working on new filtering techniques for image search where the majority of these malicious links were found."

Unfortunately, sometimes cyber criminals sneak past even tough search engine security.

However, there are a few things that you can do to help that from happening.

To avoid poison links, look at Web site address endings. Experts say "dot-coms" and "dot-nets" are usually safe.

But if it ends in something you've never heard of, like "dot-cx" or "dot-tf", you may want to avoid those, and if the text under the link looks garbled don't click on it.

Jim isn't sure what he clicked on to launch the ransom ware.  He removed the software from his PC, but wonders if it's still lurking behind the scenes. "I worry that they still may have access to my computer."

Experts say if a link "just doesn't seem right" don't click on it.

Teach your kids about how to avoid poisonous links when the search, and of course, always make sure you have good, up to date anti-virus and malware programs running on your computer.

Copyright 2013 WFLX. All Rights Reserved.