It seems that Google searches on terms that are related to iPhone SMS information are being used to return results that direct unsuspecting users to rogue AV sites. According to the Websense Security Labs ThreatSeeker Network blog malicious URLs related to Apple iPhone SMS/MMS searches are ranking as high as result number six. Examples of the kind of searches that are being poisoned include "iphone how to send multiple chats over sms" amongst others.

Websense researchers have tracked the infection trail should a user click on a link controlled by the attackers using this particular rogue antivirus coupled to SEO poisoning scheme. It appears that they will be taken on the usual runaround of 302 redirects until they land on a scareware site that does the old 'run into a room shouting fire' trick and then try and sell you a fire extinguisher. Although in this case it is displaying a warning that your computer is infected with malware and then offering to let you buy and download fake antivirus software in order to clear up the non-existent infection.

Websense concludes that "The use of Blackhat SEO leading to Rogue AV will only increase in the upcoming year. This scare tactic has proved to be a very successful method of social-engineering users into installing software onto their computers and tricking them into paying for it".

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.