Jim McGrath says his computer was recently held for ransom. While he was searching online, his PC "froze", and a warning popped up demanding he "pay sixty dollars for a program to get rid of a virus."
Jim tried for hours to get his computer "un-frozen", but it would not function until he paid.
"I felt I was being scammed into buying a virus program that I didn't need because I already had virus programs and I couldn't even run a scan on my own virus program," McGrath said.
Experts say Jim was hit by a ransom-ware scheme and it's just one way you could be attacked. Cyber crooks are manipulating search engines so their "poisonous" or "tainted" web links pop up in your results. If you click on the malicious link, malware or viruses can invade your computer.
Chris Larsen works with Blue Coat Security who specialize in fighting these viruses. "You will be infected," Larsen said.
Blue Coat Computer Security's analysis found "search engine poisoning" attacks mounting. Now, computer users are three times more likely to get a tainted link from a search engine than in an email.
"People do trust the search engines and they are predisposed to click on whatever they see in the results," Larsen said. "And because they're not aware it could be dangerous this turns out to be a very effective attack for the bad guys."
Blue Coat found bad guys don't only target people searching for top news stories or adult content. They may try to lure you to their links while you search common topics like:
*Health and medical information, *samples of business and professional letters and seasonal searches, like holiday recipes, decorations and costume ideas.
Chris Boggs is the Chairman of SEMPO. "Search engine algorithms have been designed partially to prevent cyber criminals from doing this kind of behavior," he said.
The search engine industry group is fight back! Google told us:
"We've built and refined tools over many years to keep malicious content out of our search results."
"We are actively working on new filtering techniques for Image search where the majority of these malicious links were found."
Unfortunately sometimes cyber criminals sneak past even tough search engine security.
Boggs points out, though, "There's a few things that you can do to help that from happening."
Look at web site address endings: Experts say ".com's" and ".net's" are usually safe. But, if it ends in something you've never heard of, like ".cx" or ".tf" you may want to avoid those. And, if the text under the link looks garbled don't click on it.
Jim McGrath isn't sure what he clicked on to launch the ransom ware. He removed the software from his PC, but wonders if it's still lurking behind the scenes.
"I worry that they still may have access to my computer."