Security researchers are warning that web searching for the term 'Apple iPad' can lead to fraudulent websites.

According to researchers from Websense, terms such as 'iPad', 'Apple Tablet' and 'Apple iPad' are already being used in attacks based on search result poisoning, also known as the 'BlackHat Search Engine Optimisation' technique.

Describing such attacks, email security firm Spamfighter said that criminals use legitimate search-engine optimisation techniques to place fraudulent sites at the top of search results for popular terms.

The BlackHat SEO attacks appeared only a few hours after the much-hyped Apple iPad launch. Attackers used freely available search-engine software to target widely used search subjects, and then inserted details into hacked sites.

One example the Websense researchers have found is a fake antivirus scam. This is found on websites giving out information about the Apple Tablet. When unwitting web users find the sites, they are told that their PC is infected with malicious software, and coerced into buying a 'antivirus' licence to clean it up.

In reality there is no infection, and the 'AV' is at best useless.

Security giant Symantec has also warned that, as well as rogue antivirus and malware attacks, web users should look out for bogus promotional and retail offers offering discounted or free iPads. If an offer looks too good to be true, it almost certainly is.

Speaking about the increase in search-targetted threats, PC Tools' Richard Clooke said: "Our malware experts are seeing increasing numbers of threats that are linked to search results. Large numbers of users who search for reports on a news story or product launch are then targeted by malware authors who use the opportunity to distribute rogueware (or fake antivirus software).

"Cybercriminals are now seeding Google search results before a particular event occurs, so that when a user follows a link they are redirected to a window informing them that they are infected with malware. Users are then advised to download a fake antivirus software product to get rid of the infection. As they download and install the fake antivirus software they are asked for credit card information. Malware is then installed on the user's computer and any financial information entered is sent off to cybercriminals."

And Clooke offered this advice for worried web surfers: "Consumers need to make sure their security software is up to date and that it includes real-time comprehensive behavioural protection to reflect their engagement with the online world."

Related articles: