Security.com

Bing security: Is search engine poisoning a problem for Bing users?

By Michael Cobb

I've read statistics that indicate Microsoft Bing users are far more likely to be the victims of search engine poisoning than users of other search engines. Why is that? Is Bing fundamentally less secure than other search engines? Should I advise users to steer away from Bing, or is search engine poisoning equally likely from any search engine anytime?

You are probably referring to the Bing article written by Fraser Howard at Sophos, who reviewed data produced by a Web appliance used to block links that are potentially malicious and appear in search engine results. In this particular data set, nearly two-thirds of search results from Microsoft's Bing search engine contained malicious links compared with not quite one-third of Google's results.

While both stats show that scammers are still achieving success with SEO poisoning, it would be premature to claim that Bing security doesn't match other search engines' from just this one nonacademic study. The article doesn't state whether exactly the same search terms were used on both sites; in fact, the results don't account for the number of times each search engine was used, only that they would expect Google to be the dominant search engine in use.

However, the article does offer other important insights that can help improve user security. The data clearly showed that attackers achieved the most success from poisoning image search results, with front-page results leading to drive-by downloads, exploits, malware and phishing sites. Obviously it is easier for search engines to spot poisoned results for text searches than to determine if an image is malicious. Also, it is harder for users to recognize rogue images within image search results. Like Google, Bing uses a variety of techniques to filter results, such as ranking signals, to help weed out spam.

Analysis of the Web traffic of more than 75 million users by Internet security firm Blue Coat Systems Inc. found that poisoned search engine results accounted for a full 40% of all cyberattacks in 2011 and remained the No. 1 malware threat on the Web, ahead of email and social networking-based attacks.

To make searching safer for your users, deploy a security product that blocks redirects and file downloads using detection and reputation filtering. Security awareness training should be updated to cover the latest techniques used by scammers and phishers so users know what to look out for. Users should also be encouraged to do the following:

• Scrutinize the URLs and site descriptions returned in search results
• Exercise caution if the domain is not related to the search topic, such as a .ru site appearing for a search on New York Giants
• Use the preview feature to see if the page looks legitimate
• Use extra care when searching for popular images, such as celebrities or major news stories
• Keep antimalware and antivirus software up to date.

Poisoned search engine results are a problem regardless of the search engine, so users should be advised to take the same safety precautions regardless of whether they use Bing, Google or any other search engine.