Yes, we all know that they are famous publicly traded companies with search engines and web content. We know that 70 – 80% of you out there are using the latter of the three mentioned to conduct your business online. Unfortunately, we are here to report something else they now all share: ClickFraud attacks.
According to a report released in Tech.FirstPost.Com click fraud malware has infected over 900,000 machines around the world. The trojan named Redirector.Paco is used for generating money from Google AdSense.
RedirectorPro is the new generation of malware. This monster takes abuse to a whole new level, burning through companies’ advertising budget at an unprecedented pace. The malware’s objective is to redirect all traffic performed when using a popular search engine (such as Google, Yahoo or Bing) and replace the results with others obtained from a Google custom search. The goal is to help cyber-criminals earn money from the AdSense program.
The botnet executes a man in the middle attack. It replaces legitimate search queries, with customized results, by redirecting the traffic between the user and the search engine. It installs fake certificates in the system, that fool the browsers into thinking they have a secure connection with the search engines. Scheduled tasks in turn run scripts that modify the internet settings of the user. The machine then reroutes traffic through a local or remote proxy server. Any search queries are replaced with an implementation of Google custom search.
Click Frauds can be caused by viruses spread through malicious emails that contain what is commonly known as a trojan horse.
Here are 5 Tips on How To Identify Malicious Emails
Tip 1) Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”
Tip 2) Look But Do Not Click
If you see an email link that looks suspicious, do not open or click on it. Open another browser and type the web address into the browser.
Tip 3) Check For Spelling Mistakes
One of the most common ways to detect fraud is through noticing spelling errors.
Tip 4) Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.
Tip 5) Do not Believe Everything You See
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate.