Google Instant malicious suggestion warning

News Vicky Woollaston Sep 8, 2010

Google Instant search suggestions could leave surfers vulnerable to SEO poisoning attacks, security experts warn.

Google Instant - which works by automatically generating search results as you type in real-time - could also benefit the cybercriminals behind malicious malware campaigns, security experts reckon.

Cybercriminals often create infected web pages loaded with popular keywords and search terms, hoping to infect those searching for the terms with malware. This technique is known as SEO poisoning or Blackhat SEO.

Recently SEO poisoning attacks have exploited searches for Apple iPads but also news surrounding the death of Patrick Swayze and the 2010 Brit Awards.

Celebrity scams - 10 to avoid

Security experts predict that as a result Google Instant will improve these Blackhat campaigns.

Sean-Paul Correll from Pandalabs said: "As a test, I thought I'd search for 'antivirus' and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well-known rogueware infection was amongst the suggested search terms."

"We know for a fact that most Blackhat SEO campaigns automatically query Google's trending topic results and now it seems that Google Instant will be suggesting those trending phrases (verbatim), potentially putting millions of victims directly in cybercriminals' crosshairs.

"Only time will tell, but we can see Google Instant aiding Blackhat SEO campaigns real soon," he continued.

How to turn off Google Instant