Easter is a couple of days away, and since gifting chocolate Easter eggs and thematically decorating homes is a big part of the celebration, it's no wonder that the results for typically innocuous search terms like "chocolate", "easter eggs" or "decorating tips easter secrets" include malicious ones.
According to Sophos, when those last two search terms are combined, the very first result leads users to be infected with a fake AV variant by the name of "Windows Care Taker":
The malware feigns to have discovered a massive infection, and in order to clean the computer asks the victim to purchase the full version:
"The reason why SEO attacks are successful, is that all of us tend to trust search engine results," says Sophos' Fraser Howard.
To prevent bad things to result from this tendency, he advises installing a reputable security product; using plug-ins that hide or modify the referrer that tells the page that one has landed on it via a search engine; and looking critically at the URL of the page before clicking on it, as most of the time the domain looks completely unrelated to the topic.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.