Lisa Vaas of eWeek has an article today on how nearly 500 people took the bait to 'Click Here to Get Infected.' It was as simple as setting up an innocent looking domain name (drive-by-download.info), one with an '.info' suffix that is reportedly popular with malware providers, as noted in the article. If you managed to find the ad and click through, you received a "Thank you for your visit" message. Sounds innocent enough.
"That was evidenced by the 409 people who clicked on an ad that offers infection for those with virus-free PCs. The ad, run by a person who identifies himself as security professional Didier Stevens, reads like this:
Is your PC virus-free?
Get it infected here!
"Stevens, who says he works for Contraste Europe, a branch of the IT consultancy The Contraste Group, has been running his Google Adwords campaign for six months now and has received 409 hits. Stevens has done similar research in the past, such as finding out how easy it is to land on a drive-by download site when doing a Google search."
In other words, be careful what you click on.
Although the site owner and the mock-site owner claims that no PCs were harmed, it goes to show that a significant number of people will click on ads or other interesting tidbits that have the potential harbour potential malware or malicious code. (In a related post, see "ani exploit via e-mail: you'd think hackers would know how to spell 'Britney Spears'.)
You can read more about this on the site owner's blog at http://didierstevens.wordpress.com/tag/malware/.
For more, see my past note on how there's no immunity from security vulnerabilities.
- Visit http://www.staysafeonline.info.
- To find out more about spyware – what it is, ways your computer can become infected, and what you can do to prevent it – watch this video on protecting your computer.
- If you're wondering how Windows Defender compares with other Microsoft antispyware and antivirus technologies, check out this product comparison chart.
- Windows Live Safety Center – A Web service designed to help ensure the health of your computer with free scanning tools that help you get rid of unwanted software.
- Malicious Software Removal Tool – A security tool that checks your computer for specific viruses and other malicious software and helps remove any infection found. This tool alone has run more than 2 billion executions.
- Sign up for our security newsletter and receive monthly advice
- Get more online safety tips