Google and Bing Images are to blame for malware-spreading search results

Turns out you need to exercise some caution even when using reputable search engines like Google and Bing. According to a report from security company Sophos, there’s actually a higher risk of getting malware-laden links when using these more popular search engines, and it appears that image search is being specifically targeted. In fact, as many as 92 percent of malicious results were found via image search queries, says Sophos.

Bing and Google topped the list of search engines most susceptible to hosting malicious links and collectively account for 95 percent of all malicious results. Google is responsible for 30 percent of that number, while 65 percent of this content can be traced back to Bing.

To penetrate the top results, attackers rely on blackhat (in other words, banned) SEO practices, which increase the chances that a URL will appear on the front page of a search engine’s results. The intention is that Google and Bing users will click on the search result, which then delivers malware to their computers. Search engines like Google and Bing are fighting a never-ending battle with these illicit SEO practices, and for a short time were able to curb their reach with search algorithm tweaks.

For example, we reported earlier that the search term “Emma Watson” topped McAfee’s 2012 list of “Most Dangerous Celebrities.” Blackhat SEO practitioners target phrases that are most likely to be searched for, which in this case is “Emma Watson.” This means blackhats will create malicious sites and include information about Emma Watson to increase the likelihood that the URL will rank higher in the search results. Others will even hijack URLs to legitimate websites and redirect users to malicious ones. It’s all too easy because the majority of users inherently trust the top results from Google and Bing queries. This is becoming more and more true for image searches as well, which are actually more dangerous and more likely to lead to malware than traditional text-based results.

So if you’re browsing Google or Bing Images, be careful about hitting that link. Simply right-click the image and then select “Open image in a new tab.” But remember that this isn’t necessarily a foolproof method unless you’re using Linux, using the WOT extension for Firefox, or any other plugins for safe browsing.

Edit: A spokesperson for Microsoft’s Bing team got back to us with the following statement indicating that they’re aware of the search engine’s shortcomings, but are working to add new features and updates to combat malicious search results.

“Bing is able to detect pages consisting of machine-generated spam, keyword stuffing, redirect spam or malware, allowing Bing to effectively remove such sites from results. This is done through constant innovation on finding ways to detect the various evolving versions of the kinds of spam techniques we face. We are actively working on new filtering techniques for Image search where the majority of these malicious links were found. Additionally, signals that have been previously spammed now have countermeasures to prevent abuse. Bing has also developed several ranking signals to help weed out spam results and better understand the intent of the searcher. We are always looking to improve the Bing user experience for customers, and remain dedicated to providing a trusted and reliable search experience.”