Google top search engine at avoiding scams

Even search engines can get suckered by internet scams.

With a little sleight of hand, con artists can dupe them into giving top billing to fraudulent websites that prey on consumers, making unwitting accomplices of companies such as Google, Yahoo and Microsoft.



Online charlatans typically try to lure people into giving away their personal or financial information by posing as legitimate companies in "phishing" emails or through messages in forums such as Twitter and Facebook.



But a new study by security researcher Jim Stickley shows how search engines also can turn into funnels for shady schemes.



Stickley created a website purporting to belong to the Credit Union of Southern California, a real business that agreed to be part of the experiment.



He then used his knowledge of how search engines rank websites to achieve something that shocked him: His phony site got a No. 2 ranking on Yahoo's search engine and landed in the top slot on Microsoft's Bing, ahead of even the credit union's real site.

Google, which handles two-thirds of US search requests, didn't fall into Stickley's trap. His fake site never got higher than Google's sixth page of results, too far back to be seen by most people.



The company also places a warning alongside sites that its system suspects might be malicious.



But even Google acknowledges it isn't foolproof.



Some recession-driven scams have been slipping into Google's search results, although that number is "very, very few," said Jason Morrison, a Google search quality engineer.



On one kind of fraudulent site, phony articles claim that participants can make thousands of dollars a month simply for posting links to certain websites. Often, the victims are asked to pay money for start-up materials that never arrive, or bank account information is requested for payment purposes.



"As soon as we notice anything like it, we'll adapt, but it's kind of like a game of Whac-A-Mole," he said. "We can't remove every single scam from the internet. It's just impossible."



In fact, Google said that it is suing a company for promising "work at home" programs through websites that look legitimate and pretend to be affiliated with Google.



Stickley's site wasn't malicious, but easily could have been. In the year and a half it was up, the 10,568 visitors were automatically redirected to the real credit union, and likely never knew they had passed through a fraudulent site.



"When you're using search engines, you've got to be diligent," said Stickley, co-founder of TraceSecurity.



"You can't trust that just because it's No. 2 or No. 1 that it really is. A phone book is actually probably a safer bet than a search engine."



A Yahoo spokeswoman didn't respond to requests for comment. Microsoft said in a statement that Stickley's experiment showed that search results can be cluttered with junk, but the company insists Bing "is equipped to address" the problem. Stickley's link no longer appears in Bing.



To fool people into thinking they were following the right link, Stickley established a domain (creditunionofsc.org) that sounded plausible. (The credit union's real site is cusocal.org.)



After that, Stickley's site wasn't designed with humans in mind; it was programmed to make the search engines believe they were scanning a legitimate site.



Stickley said he pulled it off by having link after link inside the site to create the appearance of "depth," even though those links only led to the same picture of the credit union's front page.



The experiment convinced Credit Union of Southern California that it should protect itself by being more aggressive about buying domain names similar to its own.



Domains generally cost a few hundred dollars to a few thousand dollars each - a pittance compared with a financial institution's potential liability or loss of goodwill if its customers are ripped off by a fake site.



"The test was hugely successful," said Ray Rounds, the credit union's senior vice president of information services.



Stickley's manipulation illuminates the dark side of so-called search engine optimisation. It's a legitimate tactic used by sites striving to boost their rankings - by designing them so search engines can capture information on them better.



But criminals can turn the tables to pump up fraudulent sites.



"You can do this on a very, very broad scale and have a ton of success," Stickley said. "This shows there's a major, major risk out there."



Robert Hansen, a web security expert who wasn't involved in Stickley's research, said ranking high in search engine results gets easier as the topic gets more obscure.



An extremely well-trafficked site such as Bank of America's would always outrank a phony one, he notes.



Still, Hansen said, criminals have been able to game Google's system well enough to carve out profitable niches. He says one trick is to hack into trusted sites, such as those run by universities, and stuff them with links to scam sites, which makes search engines interpret the fraudulent sites as legitimate.



"I don't think we're anywhere near winning" the fight against such frauds, said Hansen, chief executive of the SecTheory consulting firm.



Roger Thompson, chief research officer for AVG Technologies, who also wasn't involved in the research, said search results can be trusted, for the most part.



"But the rule is, if you're looking for something topical or newsworthy, you should be very cautious about clicking the link," he said.



That's because criminals load their scam sites with hot topics in the news, to trap victims before the search engines have a chance to pull their sites out of the rankings.



"The bad guys don't have to get every search," he said. "They just have to get a percentage."



Consumers can protect themselves from scam sites by looking up the domain at www.whois.com, which details when a site was registered and by whom. That can be helpful if the web address of a phony site is similar to the real one.

Voices
There will be a chance to bid for a rare example of the SAS Diary, collated by a former member of the regiment in the aftermath of World War II but only published – in a limited run of just 5,000 – in 2011
charity appealTime is running out to secure your favourite lot as our auction closes at 2pm today
News
File: James Woods attends the 52nd New York Film Festival at Walter Reade Theater on September 27, 2014
peopleActor was tweeting in wake of NYPD police shooting
Sport
Martin Skrtel heads in the dramatic equaliser
SPORTLiverpool vs Arsenal match report: Bandaged Martin Skrtel heads home in the 97th-minute
News
Billie Whitelaw was best known for her close collaboration with playwright Samuel Beckett, here performing in a Beckett Trilogy at The Riverside Studios, Hammersmith
people'Omen' star was best known for stage work with Samuel Beckett
PROMOTED VIDEO
Life and Style
ebookNow available in paperback
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Operations Manager

    £30000 - £35000 per annum: Recruitment Genius: An exciting opportunity to join...

    Recruitment Genius: IT Support Analyst - Bristol

    Negotiable: Recruitment Genius: An IT Support Analyst is required to join the ...

    Ashdown Group: (PHP / Python) - Global Media firm

    £50000 per annum + 26 days holiday,pension: Ashdown Group: A highly successful...

    Ashdown Group: Part time Network Support Analyst / Windows Systems Administrat

    £30 per hour: Ashdown Group: An industry leading and well established business...

    Day In a Page

    Surrounded by high-rise flats is a little house filled with Lebanon’s history - clocks, rifles, frogmen’s uniforms and colonial helmets

    Clocks, rifles, swords, frogmen’s uniforms

    Surrounded by high-rise flats is a little house filled with Lebanon’s history
    Return to Gaza: Four months on, the wounds left by Israel's bombardment have not yet healed

    Four months after the bombardment, Gaza’s wounds are yet to heal

    Kim Sengupta is reunited with a man whose plight mirrors the suffering of the Palestinian people
    Gastric surgery: Is it really the answer to the UK's obesity epidemic?

    Is gastric surgery really the answer to the UK's obesity epidemic?

    Critics argue that it’s crazy to operate on healthy people just to stop them eating
    Homeless Veterans appeal: Christmas charity auction Part 2 - now LIVE

    Homeless Veterans appeal: Christmas charity auction

    Bid on original art, or trips of a lifetime to Africa or the 'Corrie' set, and help Homeless Veterans
    Pantomime rings the changes to welcome autistic theatre-goers

    Autism-friendly theatre

    Pantomime leads the pack in quest to welcome all
    The week Hollywood got scared and had to grow up a bit

    The week Hollywood got scared and had to grow up a bit

    Sony suffered a chorus of disapproval after it withdrew 'The Interview', but it's not too late for it to take a stand, says Joan Smith
    From Widow Twankey to Mother Goose, how do the men who play panto dames get themselves ready for the performance of a lifetime?

    Panto dames: before and after

    From Widow Twankey to Mother Goose, how do the men who play panto dames get themselves ready for the performance of a lifetime?
    Thirties murder mystery novel is surprise runaway Christmas hit

    Thirties murder mystery novel is surprise runaway Christmas hit

    Booksellers say readers are turning away from dark modern thrillers and back to the golden age of crime writing
    Anne-Marie Huby: 'Charities deserve the best,' says founder of JustGiving

    Anne-Marie Huby: 'Charities deserve the best'

    Ten million of us have used the JustGiving website to donate to good causes. Its co-founder says that being dynamic is as important as being kind
    The botanist who hunts for giant trees at Kew Gardens

    The man who hunts giants

    A Kew Gardens botanist has found 25 new large tree species - and he's sure there are more out there
    The 12 ways of Christmas: Spare a thought for those who will be working to keep others safe during the festive season

    The 12 ways of Christmas

    We speak to a dozen people who will be working to keep others safe, happy and healthy over the holidays
    Birdwatching men have a lot in common with their feathered friends, new study shows

    The male exhibits strange behaviour

    A new study shows that birdwatching men have a lot in common with their feathered friends...
    Diaries of Evelyn Waugh, Virginia Woolf and Noël Coward reveal how they coped with the December blues

    Famous diaries: Christmas week in history

    Noël Coward parties into the night, Alan Clark bemoans the cost of servants, Evelyn Waugh ponders his drinking…
    From noble to narky, the fall of the open letter

    From noble to narky, the fall of the open letter

    The great tradition of St Paul and Zola reached its nadir with a hungry worker's rant to Russell Brand, says DJ Taylor
    A Christmas ghost story by Alison Moore: A prodigal daughter has a breakthrough

    A Christmas ghost story by Alison Moore

    The story was published earlier this month in 'Poor Souls' Light: Seven Curious Tales'