Bangkok--12 Nov--Core & Peak Trend Micro security researchers have today discovered spam messages infecting users with links to what seem to be Google websites (http://google.com/search{some string}btn{some string}). The incriminating string here is “btn,” the equivalent of clicking the ‘I’m Feeling Lucky button’ found on Google’s search page. Using this button, Google redirects the user to the first Web page it had ranked as most relevant to the provided search query, instead of displaying the usual search listing. “Links like these seem credible — after all, who doesn’t trust Google? As a result, users may be led to believe these links are harmless. However, instead of returning a list of search results, these links directly open an infected site,” said David Sancho, Senior AV Researcher at Trend Micro’s Labs. In order to exploit novice users, malware authors just need to make sure that their site gets first base on Google rankings to make this tactic work. Search engines provide an array of built-in advanced search functionalities. However, these can be exploited by spammers to inject credibility into their spamming attempts. Google and other internet resources provide an array of advanced search functionalities built into the search engine. However, these functionalities may also be used by spammers to inject credibility into their spamming attempts. Trend Micro suggests using a web threat protection technology that is able to block malicious content on Web pages, proactively breaking the infection chain before infection can take place. Still, users are advised against clicking links offered in spammed messages, even if they look trustworthy enough. For more information please visit: http://blog.trendmicro.com/just-got-unlucky/ # # # Media Contact: Bussakorn Sonthikorn, Senior Public Relations Consultant, Core & Peak Co.,Ltd. 0-2439-4600 ext. 8202