What’s happening: This post is a good illustration of just how dangerous the internet has become. Criminals put their own malicious computer programs on legitimate websites. These programs are designed to exploit unpatched vulnerabilities on the computers of visitors to the website. When a user accesses the website, the criminal’s program is run and the user’s computer is now under the control of the criminal.
What it means: Having taken control of the user’s computer, the cybercriminal can steal bank account passwords, send spam, store hacker tools or do whatever else he wants. And the user may likely never know. Traditional antivirus / antispyware tools are often ineffective against these attacks.
What to do: Train staff to recognize danger signs. Diligently keep computers patched. Consider replacing antivirus / anti-spyware products with intrusion detection / prevention technology. Consider using Firefox running No-Script instead of Internet Explorer. Check your cyber-insurance. Be careful at home as well.
USA Today: Anti-virus firm McAfee recently analyzed search results for queries using celebrity names on Google, Bing and Yahoo Search. This ranking shows the likelihood, in percentage terms, that someone doing a celebrity-related search will click on a bad link that could turn control of his or her computer over to an intruder.