Cyber-criminals, cyber-crooks, scamsters? (NZ Herald - click)

There’s been considerable discussion recently here on about so-called internet ‘scams’ and ‘bandits’ and ‘criminals’ … but let’s not lose perspective.

The sort of stuff highlighted in today’s NZ Herald technology pages, this report from PandaLabs about selling stolen credit cards —  well THAT’S clearly criminal stuff.

WASHINGTON – Cyber criminals are selling stolen credit card details for as little as US$2 each and renting computer networks for spam for $15 as part of a vast online black market, according to a new report.

PandaLabs, the anti-malware laboratory of computer security company Panda Security, published the various prices for cyber crime-related products after conducting an undercover investigation into online crime networks.

“This is a rapidly growing industry and cyber-criminals are aiding and abetting each other’s efforts to steal personal information for financial profit,” PandaLabs said.

Hyperbolic marketing has always been with us and always will be. So has criminal activity. But let’s not confuse the two, shall we?

Meanwhile, browsing the PandaLabs website I saw they also shine a spotlight on the murky use of internet search engines. That’s quite interesting, it seems to me.  (And how intriguing they use the same phrase ‘cyber crooks‘ to describe that dodgy activity.)

Speaking as someone who has recently been targeted by anonymous goblins people seeking to link my name to keywords like ‘scam’, fraud’ and ‘rip off’ via fake social media activity and Search Engine, …  er, … let’s call it trickery, I have a certain sympathy for that description.

Whoever is behind the multiple fake blogs and the semi-literate ‘articles’ which popped up last month apparently seeking to affect my online reputation … yes, in my personal opinion they probably ARE crooks:

Cyber-crooks manipulate Internet searches to sell fake antivirus products

– PandaLabs has detected Web pages using SEO techniques or maliciously exploiting Google Trends to promote fake antiviruses through search engines and infect users

– Other malicious Web pages can switch content depending on how users have reached the page in order to mislead investigators

– Other pages, such as the one selling the MSAntiSpyware2009 fake antivirus, avoid being indexed in search engines to make proactive URL detection, as employed by Panda Security solutions, more difficult

Cyber-criminals are manipulating search engine results to distribute malware, in particular, fake antivirus products. The reasons are simple: the criminals need to attract users to malicious sites in order to infect them, what’s new however, is the way they are drawing users to these Web pages. In the past, users were lured to compromised websites by means of massive sending of spam.

Targeted users read emails, clicked on the links they included and were unwittingly directed to a malicious Web page. Now however, due to the fact that users are more wary of messages received from unknown senders, criminals are using more effective ways of ensnaring new victims. They are using a Google tool called Google Trends ( which, among other things, lists the most popular searches of the day (anything from Obama’s inaugural address to the Oscar nominations).

Once they know the top searches and hot topics of the day, they create a blog full of the most searched for words (e.g. Obama, Penelope Cruz, etc.) and videos supposedly related to these topics. This way, they increase the blog’s ranking to place it among users’ first search results.

“Users who trust these results will end up on a Web page where they will be asked to download a codec or plug-in, etc. in order to watch the video. If they do so, they will be downloading malware, generally a fake antivirus”, explains Luis Corrons, Technical Director of PandaLabs.

Fake antiviruses try to pass themselves off as real antivirus products to convince targeted users they have been infected by malicious codes. Victims are then prompted to buy the rogue antivirus to remove these bogus infections. Cyber-crooks are currently profiting substantially from this type of fraud. …

In addition to standard SEO techniques, attackers are also using techniques known as “Black Hat SEO“, which could be described as illegal search engine positioning techniques used to by-pass search engine policies, present alternative contents or affect the user’s experience. Occasionally, it can be difficult to determine which techniques are legitimate or not, as this can depend on the search engine.

Read on at PandaLabs