Malware Alert! The risk of image searches on Google and Bing

Bing vs Google

When was the last time you carried out an image search on Google Images? Did you check the website the image was hosted on before you downloaded it on your computer or smartphone? Unknown to you, image searches are one of the biggest channels of malware over the Internet.

Security conscious Internet users regularly take several precautions to avoid phishing pages and malicious websites. However, even the most security savvy individual can get outfoxed sometimes. Image searches on Google, Bing or other search engines are known to take users to infected websites that carry malicious codes and drive-by downloads. Unfortunately, many users just ignore the risks involved and end up with malware on their machines.

The threat arises when a user carries out an image search on Google or Bing (we are focusing on these search engines as they are the most commonly used ones). The results show thumbnails of images and a user clicks on the most suitable one without checking the website that hosts the image. This is extremely risky as some websites possibly contain all kinds of malware. Moreover, when a user finds a suitable image he downloads it on his machine and this injects malware into the system.

How search engines are compromised
A malicious website regularly scours the Internet to discover images that are popular. This includes images of celebrities, logos, symbols and trending memes. The website then optimizes its content to rank higher in an image search. This process is known as Black Hat SEO. So a user searches for an image, sees the infected website’s image in the search results, visits the page and downloads the image to inject malware into the system.

Google Search Results

In the case of a Google search, the website stays hidden behind the image. There is an option on the side that allows the user to “Visit page” but most people do not bother visiting the website before saving the image locally.

Bing Search Results

Bing is slightly better because the user can scroll down to see the full website. But again, this is something that very few people actively do.

Tips to avoid infected image searches
So what can users do to protect themselves from image search result threats? Here are some useful tips.

  • Always check the website that hosts the image you are downloading. Visit the page to view it properly.
  • Keep in mind that opening the image in a new tab from the search results page is the same as visiting the website.
  • Remember that if a website appears on top in a search results page, it does not necessarily mean that it is a legitimate website. Unsafe websites can also use SEO techniques to manipulate search results.
  • Ensure that your web browser, operating system and other programs are fully updated. Unpatched programs have the biggest security holes and are most vulnerable.
  • Update your virus protection software regularly. Quick Heal products provide browsing protection that blocks unsafe websites from being displayed. If you are a Mac user, you can also install Quick Heal Total Security for Mac.

The next time you carry out an image search on Google or Bing or other search engines, ensure that you follow these tips. This will keep you safe and protected from various unseen threats that are embedded in poisoned search results. A lot of malware reaches people’s machines through images that they have actively searched for and downloaded, so it is necessary for Internet users to be aware of this threat.

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
26 Comments
Inline Feedbacks
View all comments
Snehil Sarkar
Snehil Sarkar
8 years ago

what is SEO?

kiran
kiran
8 years ago

sir
i have installed win2000 server edition quickheal but it do not cleans autorun and pop up every time

thanku kiran

Yogesh Patel
Yogesh Patel
8 years ago

thank for this update….

I usually search many item in google and bing search engine…

so thanks for this….

Shirish
Shirish
8 years ago

How a safe site is distinguished from a bad one? Can a common user separate the websites?

You have suggested, in your first point, to check the web site that hosts the image. You have also suggested to visit the page to view it properly. In the next line you have made it clear that opening the image in new tab is same as visiting the web site. But, in your first point, isn’t it what you are suggesting a user should do? i.e. visiting the web site. All this is somewhat confusing.

Chandravanshi Satyam
Chandravanshi Satyam
8 years ago

Thanks a bunch for this useful information. Till today, I just used to open the image and download… But Never thought about checking the source website from where the image is.

This post has made me a lot conscious about Downloading Images.

Kousik Adhikary
Kousik Adhikary
8 years ago

Oops! Didn’t know that.

Himanshu
Himanshu
8 years ago

Does opening Google image search ( without downloading them ) also inject malwares into the computer?

Darshan
Darshan
8 years ago

Hi, how can a .jpg file possibly harm your computer with a virus?

Chandrashekhar
Chandrashekhar
8 years ago

Looks like I have the Malware….
Now what do I do.I have run the Anti Malware of QHeal. But nothing has come out of that.????

asoke kumar mitra
asoke kumar mitra
8 years ago

thanks a lot,long time back i was downloading images from these sites,but i stopped.

Dr. Saral Kumar Mitra
Dr. Saral Kumar Mitra
8 years ago

QUICKHEAL must have the ability to protect its users by intercepting before
the user falls victim.
I remember QH once intercepted and saved me from damage and harassment.

Dr.Taka Zirdo
Dr.Taka Zirdo
8 years ago

Thanks this information. How can we detect ourselves phishing and malicious websites? If we can not detect it, we are most likely to go in malicious websites.

Subhankar Ray
Subhankar Ray
8 years ago

Thanks Rahul,
QH Team is excellent .
Regards

Nishant Patel
Nishant Patel
8 years ago

I have been using Quick Heal since 2008 or 2009. Before that it used to be the “so called antivirus programs” like Norton, McAfee, AVG, etc. that I was using. I used to get lot of “intrusion attacks” on my pc & laptop & subsequently what followed was a total system crash. All my data was “washed away”. Since the usage of Quick Heal, there ain’t no system crashes, intrusion attacks, malware attacks, trojan attacks, you name it. Just like a country has its suberb defence forces to protect the country & its citizens, we have Quick heal for our… Read more »

Nilesh Jadhav
Nilesh Jadhav
8 years ago

How to use image search safely?

sameer
sameer
8 years ago

Thanks rahul for updating us with SEO poisoning,image search affecting the system

ANIL APTE
ANIL APTE
8 years ago

sir,
I am using QH for last few years and the experience is very satisfying .we follow your alerts .but if sometimes we forget ot apply the suggestions in the alerts (such as the latest instructions regarding waterholes & java) can i rely on QH for taking care of my PC.I regularly update my PC.
THANKING YOU,
Anil Apte.

26
0
Would love your thoughts, please comment.x
()
x