Beware of image search engine poisoning - gHacks Tech News

Beware of image search engine poisoning

A recent analysis of the use of search engine poisoning to drive web traffic to payday loan sites by Sophos virus researcher Fraser Howard suggests that the majority of image search poisoning is happening on Bing's image search engine and not on Google Images.  According to the information, 65% of blocked search engine redirects caused by search engine poisoning is happening on Bing, while only 30% on Google, with more than 90% all all redirects originating from poisoned image search results.

The article fails to provide hard data that is needed to come to the conclusion though. Missing is for instance the total number of image-based searches and the percentage of redirects for each search engine. While Google certainly has a larger market share when it comes to search, it is not clear if this is also the case for Image Search or Sophos users. While it is certainly possible that Bing's image search results are prone to image search engine poisoning, it is impossible to verify that this is indeed the case without additional data.

bing image search

From a users point of view, it may be reassuring to know that your search engine may be less prone to search engine poisoning, but there are other factors that need to be considered. While a lower search engine poisoning ratio may be reassuring, it does not mean that you won't fall pray to this attack form when searching for images when using your favorite search engine.

For users, it is important to know what search engine poisoning is and how it can be identified properly. The basic methodology is the following:

  • A keyword-rich web page is created or hacked
  • Search engines find the page and list it in their index
  • SEO is used to push keywords to the top if necessary
  • Users clicking on the search results linking to the page are automatically redirected to malicious websites

The best protection against these kinds of redirects is an up to date security product that blocks known malicious sites automatically and can detect unknown malicious sites through heuristics as well. You may also improve security by not clicking-through to pages hosting those images.

Have another tip on how to deal with search engine poisoning? Post it in the comments below.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. marius t said on October 14, 2012 at 2:03 pm
    Reply

    That’s why sometimes is useful to have a userscript like “Google Images Direct Links”,because I’m intersted only in the image not from where it came !

  2. DanTe said on October 14, 2012 at 5:35 pm
    Reply

    I always do all my searches in Sandboxie. Thanks for the heads up on Sandboxie here, Martin. I love it once I learned about it. Easier to use the VMware.

    1. Martin Brinkmann said on October 14, 2012 at 5:38 pm
      Reply

      I agree, it is a great program.

  3. Morely the IT Guy said on October 14, 2012 at 5:41 pm
    Reply

    HostsMan will help avoid all kinds of malicious Web sites (including Doubleclick and similar advertising) by using the MVPS.org hosts file. It doesn’t do automatic updates, but by placing a shortcut in your Startup folder, you can be reminded to check for updates daily, it takes only a couple of seconds. See http://www.abelhadigital.com/hostsman

  4. Sublym3 said on October 15, 2012 at 10:02 am
    Reply

    Thats interesting, would love to see the data behind it.

    I have seen a lot of people get infected from google images (myself included), since moving to Bing I haven’t had a problem.

    The other thing I find interesting is when you click on an image in Bing it doesnt actually open the website (as far as I can tell) where as in Google does.

    1. Martin Brinkmann said on October 15, 2012 at 10:14 am
      Reply

      Yes I’d really like to see the data as well. Bing Images displays the website on the Bing page last time I checked.

    2. Sublym3 said on October 15, 2012 at 10:15 am
      Reply

      My mistake, I had to turn off a couple of things to see the website load in Bing

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.