Oct 062012
 

Searching the web for images could be more than 10 times more dangerous than regular text searches according to new research from security vendor Sophos. The study reviewed how SEO poisoning is used to drive visitors to malicious sites – to infect users with malware.

Without going into techie detail, SEO (Search Engine Optimization) poisoning is an illicit way to get a website to the top of search engine result listings. Once a user clicks on that site they are immediately redirected to a malicious site and attacked by malware. Sophos reviewed the malicious redirects blocked by their security software over the last 2 weeks.

They found that 92% of all poisoned search results were for images, compared to just 8% for standard text searches. It appears that the major search engines are very good at filtering out poisoned results from text searches but much worse at filtering image searches – poisoned 10 times as often.

Bing Vs Google – Image Search Risks. Sophos state that “the majority of the SEO redirects are affecting those using the Bing search engine”. 65% of the poisoned images found in the study were from customers using Bing – only 30% were from Google Image Search and 5% from other search engines. Could Bing be at least twice as bad as Google at filtering malicious links in their image searches?

In fact the situation is likely to be even worse for Bing – when I last reviewed search engine market share, Bing had only 3% share of the worldwide browser market whilst Google had 91%. Even in the US, Bing failed to reach 10% whilst Google had over 80% market share.

It is therefore likely that the majority of customers in the study were using Google, not Bing – all things being equal, Bing should have been responsible for only a tiny percentage of poisoned image searches e.g. less than 10% and definitely not 65%…

virus

Ways To Avoid Poisoned Image Searches – Sophos suggest using a good security product to block the redirected site attack – such as their own, naturally 😉 However, whilst the advice is sound, there are other ways to help avoid such malicious image links:

1. Use Google Image Search rather than Bing to find images. This is just one study but the results do appear pretty overwhelming, especially bearing in mind the huge difference in the market share of each search engine.

2. Use safe browsing software such as WOT (Web Of Trust) to flag malicious links before you visit them. Sophos noted that it is very difficult to tell just by looking at image search results whether an image leads to a malicious site or not. However, WOT makes it easy to tell if a site is malicious, and block it (if it has been rated by the community). I have reviewed WOT before and, although many antivirus products offer their own safe search rating systems, I have yet to find one that does a better job.

Note: WOT does not support image searches on Bing (or Yahoo etc) – only on Google. That does make me wonder if WOT contributed in small part to Google’s relative success in the study. WOT has been downloaded more than 47 million times – that’s a lot of users who could have avoided clicking malicious images on Google whereas their Bing counterparts would have no warning at all…

3. More advanced users could consider running the web browser in an isolated virtual environment e.g. using the free Sandboxie to protect against malware.

Conclusion

More research would be required to draw firm conclusions but these initial findings highlight the possible increased dangers of searching for images – especially if using Bing.