Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Blog From the Websense Security Labs: Instant Previews, A Pawn for Malicious Intent

November 2010 by Websense

The Websense Security Labs have issued a blog regarding the new service that Google launched last week called Instant Previews. This service allows users to see what a page looks like before going to it by hovering or clicking the magnifying glass next to Google search results.

“While this would at first appear to be a simple way to help you make an informed decision as to whether a link is malicious or not; our research shows that the images shown in Instant Previews aren’t updated as frequently as you’d hope and there is no guarantee that the user will land on the page shown in the preview. Taking a look at a known Black Hat SEO’d website from searches relating to Prince William’s engagement this week, Instant Preview returns a very legitimate looking page, complete with pictures and relevant words. To unsuspecting eyes, it looks clean. Of course, if you were to click the link you’d be redirected to Scareware which is a social engineer based attack employed by cyber criminals to entice you to install a Trojan by alerting them on a “missing Flash plugin” or that a “Firefox Update” is required. This tactic is also evident on ‘Black Friday’ search results.” said Elad Sharf, Senior Researcher, Websense Security Labs.




See previous articles

    

See next articles