To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://networks.silicon.com/webwatch/0,39024667,39127137,00.htm

Tsunami scammers manipulate Google rankings
Phishers aiming to profit from tragedy by Google bombing...

By Munir Kotadia

Published: Tuesday 18 January 2005

Fraudsters hoping to steal money intended for a Chinese charity have manipulated Google's page rankings to ensure that their fake site appears higher than the charity's official website.

When searching for The China Charity Federation, which is collecting donations for tsunami victims, the first site listed by Google points to www.chinacharity.cn.net. This is a 'phishing' site set up by criminals in an attempt to steal money intended for the relief efforts. The actual organisation's website is at www.chinacharity.cn

Internet security specialist Trend Micro warns that users should be careful when donating money over the internet and ensure they are absolutely certain the site they are visiting is genuine.

Ben Guthrie, product marketing manager at Trend Micro, said that fraudsters have been able to manipulate Google to make their fake site seem more realistic -- but he said this is not the fault of Google or any other search engine.

"This is not necessarily an issue relating to trust or the validity of any search engine's results. This is more indicative of a wider trend we have seen in the security industry where these types of attacks have gone from quite simplistic social engineering and are becoming a more thought out process as more organised criminal intent goes behind the planning and processes," said Guthrie.

The technique used by the fraudsters is known as "Google bombing" and is possible because of the way Google ranks the "importance" of certain websites over alternatives.

When a site is Google-bombed, it means a number of websites link to the target website using a specific word or phrase -- in this case "The China Charity Federation". When a user runs a search for that text, the site with the most links pointing at it will receive a better ranking from Google and so appear higher up the results page.

This particular fraudulent site has been closed down but Trend Micro's Guthrie warns that there will be more.

"Throughout the history of humanity the lowest common denominator of human behaviour does tend to pop up around times of great tragedy or disaster and this is an example of that type of behaviour meeting a new paradigm," said Guthrie.

Guthrie said that, as Google was a diverse collection point of information sources, users should be vigilant when visiting any particular website.

"This is a microcosm of the internet as a whole. It can be a wonderful tool to help children learn and it can also be horribly damaging," he added.

Munir Kotadia writes for ZDNet Australia.