Searching for a hot news topic or buzzword can already lead an unsuspecting person to harmful malware. Recent articles are full of warnings about malware hidden in links that are supposedly about the World Cup or the Icelandic Volcano. Estimates have suggested that about 14 percent of traditional searches for trending news go to sites hosting malware.

As real-time search becomes more important, the problem of malware-related results could become much worse, according to a talk given yesterday by Dan Hubbard, CTO of Websense, at the Cloud Security Alliance Summit, which took place at the Black Hat security conference in Las Vegas. The event brought together speakers from government, industry, academia, and the underground. Hubbard outlined several ways that real-time search results are easy to poison.

Much of the problem stems from the nature of information provided in real time, Hubbard says. It's noisy, spammy, and not authoritative. So search engines have a difficult task ahead determining what links can be trusted.

The results are also easy to manipulate. Hubbard experimented with searches related to the recent Boston marathon. He found that he could get posts to the top of real-time search engine results by posting in anticipation of events. For example, he posted information about who had won before there was a winner, garnering a top spot on real-time results pages. He found that he could trick even Google by introducing typos that other users might be likely to make (such as "Botson" marathon). And, by posting images along with text, Hubbard found that he was able to rocket his posts to the top of results pages.

Hubbard says spammers could use social graphs to manipulate real-time search results as well. A botnet, for example, could create large numbers of interconnected Twitter accounts, creating a source of information that could seem authoritative. Hubbard also pointed to recent reports of spammers taking over the Twitter accounts of well-known users.

There may be big opportunities for spammers as location gets factored into the ranking of real-time results. Current location services trust where users say they are, he says. Location is also relatively easy to spoof. Spammers could add their links to real-time search ranks by seeming, for example, to tweet about the Icelandic volcano from Iceland, or about the Boston marathon from the finish line.

Hubbard plans to continue his investigation by looking at how spammers might be able to influence Facebook streams and search, and what they might be able to do with the popular location-based social network Foursquare.

While researching today's story about crafty phishing techniques, I came across some statistics that reveal the lifespan of various types of nefarious Internet schemes. The chart below, put together by Milcord, a company that collects real-time data about botnets, shows that spammers survive for a couple of months, while phishers typically make it only about five to ten days. Malware schemes are in between.

The chart shows the respective lifespans of botnets engaged in phishing, spam, and malware distribution. The data is for botnets that use a trick called flux to extend their lifespans. Credit: Milcord

What's the reason for this time difference?

Alper Caglayan, Milcord's president, thinks it's due to the nature of the victim. "Phishing targets well-known brands, like Citibank, Bank of America, eBay, or Paypal," he says. "Obviously, these folks are willing to spend a lot of money defending their brands."

Though ordinary people are the ones who ultimately get burned, phishers can affect the reputations of companies with deep pockets. Caglayan says that some security companies offer service-level agreements that promise to get a phishing site hosted in the U.S. taken down in under an hour.

Spam, on the other hand, has no such highly-motivated opponents. While it's a nuisance to everyone, no particular company suffers publicly for it, and therefore, the money to halt it simply isn't there.

Most individuals may want someone to do something about spam, but they end up relying on anti-virus software or intervention from law-enforcement agencies.The motivation to go after and shut down the botnets just isn't the same.

Now we know what gang war will look like in cyberspace. It doesn't much resemble the Jets and the Sharks. It looks more like you and me.

A new study found that 90 percent of all e-mail sent is spam--and most of that is sent out by criminal gang members and other unsavory characters who are hacking into personal computers and using them as "e-mail zombies." From the Reuters story:

About 200 illegal gangs are behind 80 percent of unwanted e-mails, according to Spamhaus, a body that tracks the problem. Experts blame the rise in spam on computer programs that hijack millions of home computers to send e-mails.

These "zombie networks", also called "botnets", can link 100,000 home computers without their owners' knowledge. They are leased to gangs who use their huge "free" computing power to send millions of e-mails with relative anonymity.

How bad is this problem? Well, anyone who has ever opened his or her e-mail account after a long holiday weekend can attest that it's bad. However, a story in the Times found that as many as 150,000 English citizens have unknowingly had their computer used to send out spam.

And all of that can be traced back to one man, according to the Times story:

Amichai Inbar, identified as the world's fifth most significant spammer, has been using a London-based internet company to control the networks of hijacked computers, The Times has discovered. He is responsible for billions of e-mails advertising pornography, drugs such as Viagra and offers of "cheap" shares that turn out to be virtually worthless.

The recent revelations have caused an uproar at the European Union headquarters, in Brussels. Leaders are calling for new spam laws to be strictly enforced across all territories, including the United States, which is purportedly the worst at controlling spammers, according to this Associated Press story.