— Charlie Sheen's everywhere this week, but the one place you don't want him is in your computer. Cyber criminals and mischief-makers, realizing the actor is getting lots of online clicks as he's featured on websites, videos and even on Twitter and Twitpic, may try to lure you to click on a search engine website link that could prove to be dangerous.
"Knowing that millions of people are searching for Charlie Sheen’s most recent video rampage, the bad guys are using the search term 'Charlie Sheen' to game the search results through search engine optimization poisoning," said a spokesman for Invincea, a software security firm.
Criminals are looking to "poison the search results and the link would appear to be taking you to a Charlie Sheen video, when actuality it is directing the user to a malicious site. Most of the time these malicious sites are fake anti-virus attacks ... where the user thinks they’re infected when in reality, running the (anti-virus) scan is what installs the malware."
While "consumers are getting smarter about searching online ... cybercriminals are getting sneakier in their techniques," said Dave Marcus, security researcher for McAfee Labs, last summer when that company found Cameron Diaz to be the "most dangerous" celebrity search name.
And just recently, Barracuda Networks, a content security and data protection company, said it found that "Jenni J-Woww" — Jenni "Jwoww" Farley of "Jersey Shore" fame — to be one of the world's most dangerous search terms, according to a report in Fast Company.
"Everyone should be aware that malware writers have become very adept at search engine optimization to ensure their malicious links get placed on top image results returned from Google searches," said Anup Ghosh, Invincea founder, and research professor and chief scientist in the Center for Secure Information Systems at George Mason University.
"The most important point for consumers is to not agree to download or run any software they do not intend to install on their machines — and to not be scared or intimidated into doing so," he said.
"Scareware or fake anti-virus scams work precisely by scaring users into installing, running, and sometimes paying for fake anti-virus software by appearing to show that their computer is infected with a number of viruses. If you see this while on the network, be assured this is actually not a Windows Security Alert — it's simply a scam to infect your computer and possibly get your credit card number if you enter it."
Ghosh said when you get such a fake alert, if you wind up clicking "remove all," or "cancel" or anywhere in the screen of the fake software, "the malware will attempt to download and then you will be asked to run the malware. Do not run the software or you will get infected for real."
Using Sheen's name as a lure is just one way to get to you and your information.
"In general, there are so many ways to get users to click on links that the writers of these malware campaigns are assured they will get a pretty good click-through rate and lots of installs of the malware," he said. "It is very difficult to train users to go against their instincts."