A common attack form on the Internet is to optimize web pages or domain for specific keywords to make them appear on the first search result pages of popular search engines such as Google or Bing.
The attack is enabled once the page or domain receives first visitors from the search engines, which are more often than not unsuspecting of the dangers of the site. Different types of attacks are used on those sites, from harmless spam and popups over drive by downloads and redirects to fake antivirus offers.
Many of the pages have in common that they display different results for search engine visitors and visitors who do not come from search engines. This is relatively easy to do by checking the web browser's referrer value.
The new Firefox add-on Search Engine Security protects users from some referrer based attacks by changing the referrer of the web browser when coming from search engine pages. The extension supports Google, Bing and Yahoo currently.
It basically displays a different referrer than the one it should display. The effect depends largely on the attack site. Users may circumvent attacks if the site checks the browser's referrer to display a harmless page to non-search engine users.
While that's obviously no 100% protection against these kind of attacks, it is another layer of protection. In addition, it may be beneficial from a privacy point of view although the use is rather limited.
The extension works on the search engines that it supports as well as localized search engines. Zscaler SES on or off is displayed below the search form to indicate if the add-on is enabled on that particular search engine.
Search Engine Security can protect Firefox users from redirect attacks that load fake antivirus pages, videos or other malicious contents. Firefox users can download the extension from the official Mozilla Firefox add-on repository.
You can disable the add-on on for a specific search engine in the options. Here you can also add sites to a whitelist, which may be happy if a legit website checks referrers and displays different contents based on those. Lastly, it is possible to add or change the referrer itself in the preferences.
Update: The add-on has not been updated since 2011. You may want to check out Smart Referer instead which only sends referer information when links point to the same domain.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.