Internet search engines are now one of the commonest means by which malware spreads, a new study has suggested.
The study, carried out by McAfee spyware expert Ben Edelman, analyzed common searches on all the Net’s major search engines, Google, Yahoo, MSN, AOL and Ask.
The results make sobering reading. Between January and April of this year, all surveyed engines returned numerous sites that could be classified as “risky”. At times the risky site percentage reached 72 percent of returned sites for apparently innocuous searches such as “free screensavers,” “digital music,” and “popular software”.
MSN emerged as the best of the bunch with 3.9 percent of risky sites returned overall, with Google at 5.3 percent and Ask the worst at 6.1 percent. Sponsored links – the commercial frontline for search engines – were particularly prone to malware subversion, returning between two and four times as many risky sites as unsponsored links.
“As we look at the Web, we see many instances when search engines lead users to dangerous content,” the report says. “Our analysis of search engine safety finds bad practices among 5 percent of search results for popular keywords, or roughly one site per page of search results.”
McAfee lays the blame at the doors of search engines move to earn as much money as possible without considering the implications of malware evolution.
“Profit motivations have shifted search engines’ ranking methodologies. Prominent results often reflect solely a site’s willingness to pay rather than its quality, relevance, or safety,” it says. “Some analysis indicates that search engines make big money selling ads to untrustworthy sites.”
The report cautions against reading the risk rates as low, rightly pointing out that becoming infected with even a single piece of malware can be disastrous for the average consumer.