Blog From the Websense Security Labs: Instant Previews, A Pawn for Malicious Intent
November 2010 by Websense
The Websense Security Labs have published a blog post about Instant Previews, the new service that Google launched last week. This service allows users to see what a page looks like before going to it by hovering over or clicking the magnifying glass next to Google search results.
“While this would at first appear to be a simple way to help you make an informed decision as to whether a link is malicious or not, our research shows that the images shown in Instant Previews aren’t updated as frequently as you’d hope and there is no guarantee that the user will land on the page shown in the preview. Taking a look at a known Black Hat SEO’d website from searches relating to Prince William’s engagement this week, Instant Preview returns a very legitimate-looking page, complete with pictures and relevant words. To unsuspecting eyes, it looks clean. Of course, if you were to click the link you’d be redirected to Scareware, which is a social engineering-based attack employed by cyber criminals to entice you to install a Trojan by alerting you to a ‘missing Flash plugin’ or that a ‘Firefox Update’ is required. This tactic is also evident on ‘Black Friday’ search results,” said Elad Sharf, Senior Researcher, Websense Security Labs.