Stephen Withers
Monday, 19 October 2009 06:02
Interest in Google Wave is being exploited by people behind malicious web sites, according to a security software company. Looking for an invitation could result in a malware infection.
With only 100,000 or so invitations to the Google Wave beta having been issued so far, demand greatly exceeds supply. And that level of interest is being exploited by people behind malicious web sites.
Those using Google searches to try to gain an invitation risk landing on a page that attempts to install malware on their computer. According to Kane Lightowler, Imperva's regional sales director for Australia and New Zealand, the bad guys are using techniques such as Google search poisoning to attract people to malicious sites.
"We've seen this happening," he told iTWire.
Lightowler explained that one approach involves linking to the malicious page from reputable sites either by using exploits that allow the alteration of content hosted on a server, or simply by leaving comments. Embedding the right keywords makes the target appear a better match to Google, and setting the link text the same colour as the background means it is less likely to be spotted by the site administrator.
"Google Wave is a very topical search term at the moment," says Lightowler, which is why it is being targeted.
He suggests individuals run security software on their computers and keep it up to date. Browsers such as Firefox and Chrome warn of dangerous search results, and there are various add-ons for other browsers to provide similar protection.
Organisations should take steps to ensure the security of their web servers to prevent such malicious defacements. Previous attacks have concentrated on high-profile sites which have now tightened their security, so attention has shifted to compromising larger numbers of smaller organisations.
One way this can be readily achieved is by attacking a service provider's server that hosts multiple sites.
"Small or large [sites] are not immune" to the crooks' attention, said Lightowler. And the processes needed to mount such attacks are becoming automated, he warned.
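For site administrators, the hidden-link trick Lightowler describes (off-site link text set to the same colour as the background) can be checked for mechanically. The following is an added example, not code from iTWire or Imperva: a Python sketch that flags such links in a page's HTML. It assumes colours are set through inline style, bgcolor or font attributes and that the default page background is white; stylesheets are not evaluated, and the host names and sample markup are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

def _norm(colour):  # lower-case a colour token and expand #abc to #aabbcc
    c = colour.strip().lower()
    return "#" + "".join(ch * 2 for ch in c[1:]) if re.fullmatch(r"#[0-9a-f]{3}", c) else c

def _style(attrs, prop):  # value of one inline CSS property, or None
    m = re.search(r"(?:^|;)\s*%s\s*:\s*([^;]+)" % prop, attrs.get("style") or "", re.I)
    return _norm(m.group(1)) if m else None

class HiddenLinkFinder(HTMLParser):
    """Flags off-site link text drawn in the same colour as its background."""
    def __init__(self, site_host, page_bg="#ffffff"):  # page_bg: assumed default background
        super().__init__()
        self.site_host, self.findings = site_host, []
        self.stack = [(None, page_bg, None, None)]  # (tag, background, text colour, off-site href)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        _, bg, fg, href = self.stack[-1]  # inherit from the enclosing element
        bg = _style(a, "background-color") or (_norm(a["bgcolor"]) if a.get("bgcolor") else bg)
        fg = _style(a, "color") or (_norm(a["color"]) if tag == "font" and a.get("color") else fg)
        if tag == "a":
            host = urlparse(a.get("href") or "").hostname
            href = a["href"] if host and host != self.site_host else None
        self.stack.append((tag, bg, fg, href))

    def handle_endtag(self, tag):
        idx = [i for i, e in enumerate(self.stack) if e[0] == tag]
        if idx:  # pop back to the matching open tag; tolerates unclosed tags in comment HTML
            del self.stack[idx[-1]:]

    def handle_data(self, data):
        _, bg, fg, href = self.stack[-1]
        if href and data.strip() and fg == bg:  # visible text that cannot be seen
            self.findings.append((href, data.strip(), fg))

def find_hidden_links(html, site_host):
    parser = HiddenLinkFinder(site_host)
    parser.feed(html)
    parser.close()  # flush any text buffered after the last tag
    return parser.findings

SAMPLE = """<body bgcolor="#FFFFFF"><p>Nice post <a href="http://blog.example.org/a" style="color:#fff">.</a></p>
<a href="http://invites.example.net/wave" style="color:#fff">google wave invitation free</a>
<div style="background-color:#202020"><a href="http://partner.example.com/" style="color:#fff">Partner</a>
<a href="http://other.example.com/"><font color="#202020">wave invite</font></a></div></body>"""  # constructed sample
```

Calling find_hidden_links(SAMPLE, "blog.example.org") reports the two camouflaged off-site links and leaves the legible white-on-dark partner link alone, because the comparison is made against the background in effect at that point in the page.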