Thinking of going online to get a Victoria's Secret giftcard for your Valentine? Be careful where you look! Some Google search results are rigged, especially image results. And some innocent-looking links are part of fraudulent activities such as cookie-stuffing and click-jacking. Below is a short video that shows what happens when you click on one

Tomorrow, on January 18, 2012, dozens of popular websites covering a diverse range of subjects will be blacking out their home pages in protest of the U.S. Stop Online Piracy Act (SOPA).  Some of these websites are well-known, such as the English language web site for the encyclopedic Wikipedia and quirky news site Boing Boing,

Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (often referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel Internet search activity as much as the death of a famous–or infamous–person, although celebrity weddings and divorces are also a big search driver. It's a

News that the FBI has arrested the Florida man they suspect of criminally hacking into devices belonging to celebrities such as Scarlett Johansson and Christina Aguilera is welcome, definitely a win for law enforcement and society at large. But the good news comes with a warning. The technique used by the alleged perpetrator was to

The bad guys know you far too well. They know that all they have to do is say they have video footage of Bin Laden and many people will mindlessly click. As is always the case with any big news headlines, there are fake videos being posted with the intent of infecting your computer and

As you can see from this photo from the Infosecurity Europe show, my sessions down at the gym are really starting to pay off. :) As I mentioned previously, the update process on the monthly ThreatSense Report continues, and the April report is now available here. While the usual look at the top ten security

We're now seeing a fiercely concentrated Blackhat SEO campaigns exploiting the McAfee False Positive (FP) problem. Juraj Malcho, our Head of Lab in Bratislava, reports that in a Google search like the one I've screendumped above, he got three malicious hits in the top ten (the same ones captured here: of course, the malicious domain

ESET is not going to try to capitalize on McAfee's unfortunate false positive problem (and nor, I'm sure, is any other reputable vendor). Such problems can arise for any AV vendor: it's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections (someone please

I was asked whether I'd seen SEO (Search Engine Optimization) poisoning relating to the Icelandic eruption and the very widespread grounding of aircraft in Europe. Well, there were certainly attempts in March to exploit the earlier Eyjafjallajokull eruption in order to drive googlers interested in finding out more towards malicious web sites. So it would be naive

I've noticed a number of tests recently that seem to be intended to prove that free antivirus is as good as commercial AV. As it happens, I'm not against free AV in principle, as long as people are entitled to use it – commercial use of free AV is usually not permitted. And I'm overjoyed when