An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
Advanced features in Google's search engine are being used byspammers to disguise the URLs of spamvertised sites. Hackers have beenusing Google search functions to hunt for vulnerabilities. Now theirpeers in the junk mail business are getting into the act, Symantec reports.
Google supports a variety of advanced query words that are capableof narrowing the scope of a search. Spammers have latched onto thisfunctionality as a means to direct an end user to a URL advertisingtheir products or services, without directly pointing at a site. Theapproach, as with so many in the field of spamming, is designed tobypass junk mail filters.
document.write('\x3Cscript src="http://ad.uk.doubleclick.net/adj/reg.security.4159/spam;'+RegExCats+GetVCs()+'pid='+RegId+';'+RegKW+'maid='+maid+';test='+test+';pf='+RegPF+';dcove=d;sz=336x280;tile=3;ord=' + rand + '?" type="text/javascript">\x3C\/script>'); <ahref="http://ad.uk.doubleclick.net/jump/reg.security.4159/spam;dcove=d;sz=336x280;tile=3;ord=tQS61dRk6jcAAFyHJ90AAAG-?"target="_blank"><imgsrc="http://ad.uk.doubleclick.net/ad/reg.security.4159/spam;dcove=d;sz=336x280;tile=3;ord=tQS61dRk6jcAAFyHJ90AAAG-?"width="336" height="280" border="0" alt="" />
Symantec came across the technique after coming across spam emailscontaining a URL that, on casual inspection, resembled a "Google searchresults" link. However, when clicked, the URL directs surfers to a siteselling replicas of expensive watches, pens, and jewelry.
The Register wrote:
The trick worked because a spammer had managed to make a searchquery that was specific to their website, using an advanced Googlesearch combining the "inurl" and "intext" operators. Next comes theclever part: spammers simulate a user click on Google's seldom-used"I'm Feeling Lucky" button, so that surfers are taken directly to thefirst result that comes up for the entered search query. As the spammerhas designed the query to yield only one result - that of thespamvertised site - surfers are taken directly to a junk-mail-promotedsite after selecting what looks like a search result entry.
Having designed the trick, it's straightforward for spammers to pumpout emails designed to evade junk mail filters. Fortunately anti-spamfirms are able to counter the approach, which represents anotherskirmish in the ongoing war of the inboxes between those developingjunk mails and filters. "As usual, spammers keep changing theirtechniques to defeat the filters," explains Symantec researcherJitender Sarda. "But on the other hand, we develop new techniques andtechnology to counter them."