Google Searches Cause Website Hi-Jackings

Posted on April 11, 2008. Filed under: Apollo News, Small Business News |

USA Today came out with an article just recently titled Google searchers could end up with a new type of bug regarding a cyber crime that is happening when an unsuspecting victim simply performs a search on Google. How many of us use Google search everyday? Most Internet users perform their searches using the Google search engine. But did you know that simply clicking on one of the links returned after a search on Google could be putting your entire PC, and any passwords that you use over the Internet from that point on in the hands of these Cyber crooks?


“The vulnerability occurs when someone does a Google search, then clicks on a result that has been secretly tainted by hackers.”


They will usually be taken to the Web page they expect. But at the same time, they are invisibility redirected to a computer server that installs a hidden program.’ The article goes on to say ‘This program enables hackers to use the PC to spread spam and carry out scams. Typically, it also lets the attacker embed a keystroke logger, which collects and transmits your passwords and any other sensitive data you type online.’


“The malicious code was found by security experts at Google on several hundred thousand pages”


Google says that most searches are safe. But you really can’t tell if a link is safe or not. All the links look the same.


A security researcher at Hewlett-Packard says ‘It should be the responsibility of the website operators to stop exposing people to risk as soon as possible.’ Google says that ‘it is helping affected websites fix the problem and is also developing new tools “to detect and block” malicious Web pages’ on their Web site.


There is so much talk about identity theft these days that everyone should have up to date security software on their computer. Identity theft happens not only when a criminal gets a paper copy of your information but also through spy ware like this that intercepts your information as you type it in over the Internet!


So what can you do to protect yourself?


Here are some suggestions:

  • Never write down your username and password
  • Never give out your username and password to others
  • Always use a password that is not easy for others to ‘guess’
  • Make sure you PC virus and spy ware software are always up to date: Just do a search on ‘computer security software’ on Yahoo! (ok, don’t search on Google just yet). You will see a few big names. Symantec has a product called Norton 360 and McAfee has a number of good products. Both companies offer a one year virus definition update that will make your computer safe from even the most recently discovered virus and spy ware programs. Both companies have been around for a while and work well as long as you continue to pay for the definitions even after the one year of protection that is offered for free.
  • Pay the annual security definition update: This is crucial! If you want to continue to have a secure computer, you need to renew your annual security updates with the software company that you have chosen.
  • Set your security software to automatically download new updates: You don’t want to have to remind yourself to go out to their site and see if there are new updates. Set the software to check each time you access the Internet to keep your computer secure.

How to Protect Your Customers from Themselves


Our team of engineers found out about this new vulnerability soon after this article was published. We went to work researching the problem and then finding the fastest and most powerful way to keep these cyber criminals from accessing our hosting customer’s sites. This is a daunting task considering the programs accessing these sites have legitimate user names and passwords stolen from customer’s computers. How do you keep out criminals, but still allow your customers easy access to their website which they are paying you for? We didn’t want to upset our customers by making it difficult, but we also wanted to keep these malicious hackings from taking place.


What our engineers have implemented as a result is something no other hosting company I have seen is actually doing. We have configured the user logins for all accounts on our servers as only accessible by the owner’s IP address. They have added other security measures that we won’t mention here for fear that cyber criminals might actually read my blog!


Websites all over the Internet were affected by this newest cyber crime. This information is not meant to scare you. We will continue to do as much as we can to keep your account secure. You can help by keeping your access information secure. Do not write down your passwords, do not give them out to others, and keep the computer you use to access the Internet secure.


Do you lock the doors to your house when you leave?


Of course you do! So you should protect your computer making it impossible for un-authorized users to access as well. The way to do this is to install and keep up to date computer security software. Cyber criminals are constantly on the look out for new ways to access your information! If you keep your computer secure, they will become frustrated move on to another un-protected computer to hack.


Most of our customer’s, who were affected by this unfortunate world wide scam that starts with a search on Google, have had their sites restored. Google mentioned that they are working to fix the sites affected, but if you were affected let us know. We will most likely be able to restore your site completely.


Thank you for your business.


Tamara Field
President
Apollo Hosting, Inc.
“Fast, Reliable Website Hosting Since 1999”

Make a Comment

Make A Comment: ( None so far )

You must be logged in to post a comment.

    About

    Hosting Industry, Website Creation, Ecommerce, Hosted PBX, VPS, Dedicated Servers

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS
    • Subscribe in Rojo

    Meta

Liked it here?
Why not try sites on the blogroll...