Not long after Prince William and Kate Middleton exchanged vows on April 29, a 1981 wedding portrait of the groom's late mother, Princess Diana, appeared as one of the top three images for people typing the most popular search term on Google that morning: "royal wedding coverage." But the link was a trip wire. Fraud artists had finagled a malicious website through Google's algorithm. The link led to a hacked page on a Web comic book called Kiwiblitz.com, which redirected the browser to another site—one with a domain name from an obscure Australian island territory and hosted in Sweden. That site displayed a realistic-looking program called "XP Anti-Spyware" that issued bogus warnings—Your Computer Is Infected! A few clicks led to a purported solution, for $59.95: a download of a fix that didn't actually exist.
Chalk up another success for what's generally known as the "fake antivirus" scam. Federal investigators and security experts estimate that its various iterations have extracted at least $1 billion from victims in the past several years, and it has become the most visible manifestation of an overall rise in malicious software, or "malware," distributed online (see charts below). The damage goes beyond the theft of cash: even if you don't pull out your wallet, sometimes merely clicking on the bogus come-ons can deliver other forms of malware that may steal your passwords or conscript your computer into a remotely controlled gang called a botnet. Because it generally relies on fooling people into voluntarily installing malware—a strategy called a social-engineering attack—it can wind up infecting even well-maintained machines, both PCs and Macs. "As a human-level act of deception, it is just classically beautiful," says David Clark, a research scientist at MIT's Computer Science and Artificial Intelligence Laboratory, who was the Internet's chief protocol architect in the 1980s.
To read the full, original article click on this link: The Perfect Scam - Technology Review
Author: DAVID TALBOT
