In a not unsurprising turn, scammers have jumped on the demand for
Google Wave invites to spread their latest round of fake A/V Software.
This is not something that anyone in information security is going
to be surprised by, a concurrent event that many people want to
participate in or know of being used by scammers to spread their latest
incarnation of malware wrapped as something useful. What is sad is that
it is Google Wave that is currently being scammed according to the
Register.
Ironically, Google searches for terms related to Google
Wave return results that point to sites hosting rogue antivirus, net
security firm Websense warns. Google invited only 100,000 users to test
its Google Wave collaboration service, a factor that has arguably
increased interest in the service while also increasing the potency of
fake offers for the service that actually promote malware. Source: The Register
Scammers poisoning search engines is nothing new, just about any
search engine is vulnerable once it is even semi worked out how it runs
and how it parses results. What is tragic is that the search engines
seem to be incapable of working out who the good sites are offering
good information about the product and who is busy passing off malware.
As malware writers and their delivery mechanisms get more sophisticated
in the deluge that is the internet, systems like Mahalo start to make sense if you can ramp up the people to actually make that happen well.
Black hat search engine optimization is a continually evolving
process where people are trying to work out how to best position their
stuff above real information on the internet. Matt Cutts, one of the
Google Anti-Spam spokes people at Google has much to say on Black Hat SEO, and how Google attempts to stop it.
The sad part is that when there is an artificial scarcity much like we
are seeing with Google Wave, or something hugely popular like
Microsoft’s new free AV people are going to want it, and Black Hat SEO
is going to be all over what is popular. You only have to look at the
results from Google’s Hot Trends to see Black Hat SEO in practice.
If you are looking for Google wave invites there are much safer
places like the Google Wave invite thread over on FriendFeed. The more
interesting part is that as people get smarter about what they are
searching for, it is going to be smaller trusted communities like
FriendFeed or even Facebook that are going to be the true winners.
Smaller groups of people that you trust who have access to scarce or
rare goods are going to be more important than the search engine
results that we have grown accustomed to over the last decade. This is
where it gets interesting for everyone. Small communities of interest
isolate themselves from others, but smaller communities of interest
also allow for an even distribution and sharing of rare items. While it
seems contradictory, Black Hat SEO is driving those smaller communities
to develop along trust lines. While Google and Microsoft are doing what
they can, audiences are going to drop off in favor of those small
communities that trust each other.
(Cross-posted @ IT Toolbox)