Malware Links in Google Search – Avoid Them With Encrypted Search
Recently Google has announced the Beta version of their Encrypted Search Results. Many other Google Products like GMail were already supporting encrypted version, which allowed you to access the service in such a manner that the data was travelling in an encrypted fashion supported by SSL.
This essentially mean that you can access GMail both with http://gmail.com as well as https://gmail.com. Notice the additional “s” in case of latter URL, which allowed the encryption.
But in a recent announcement on Google Blog, Google opened the gates on its flagship product for the encrypted version.
The Use of Encrypted Search in Avoiding Malware Links in Google Search
The obvious advantage of using encrypted version of Google Search is that no intruder will be able to know what you are searching on Google, even if he is able to intercept the data transacted on your computer with the Internet.
However, Neil Rubenking, a security researcher writing at PCMag Blog, has confirmed that Google Encrypted Search also protects you from becoming victim of Malware Links hidden in Google Search Results, a threat popularly known as Link Poisoning or SEO Poisoning.
If you are not sure, let me elaborate that it is a malicious activity by Malware developers, which allows them to get the malware URLs in the Google Search Engine pages. It is done through an active dose of SEO, often balckhat, to quickly climb the attacking websites’ URL in the Search Engine ranking pages.
When an innocent user clicks the URL and reaches the website, a drive-by-download attack is performed on his browser and malicious codes are activated. The malware developers are smart enough to detect that a user has visited the website through a search query. If, however, the visitor is not coming through a search query, the websites suspects that the visitor might be somebody, which knows the details about the website and may be a security researcher. In such a case, the website changes its codes and presents himself a clean website. The same is repeated with the Search Engine spiders to avoid detection of the malware code by the Search Engines.
See the example below.
How Encrypted Search Protects Innocent Users from Mlware Links in Google Search
Sine the data transacted is encrypted in nature, the attacking website is not able to understand whether the visitor is coming through a search query or not. This protect him from getting infected.
The Google Encrypted Search Query is presently in BETA mode and lots of things are yet be made public. But if the experiment is true, then it might have wider implications.
Most of the Analytics programs used by websites, depend upon the data provided the the visitor. In the absense of such data, lots of changes might be on cards for these analytics solutions.
Watch out this space for the updates.