Pirates of the search results page


Search malware redirects nearly 100%% of infected users' clicks on web search results to unintended websites. Most published research details how web-based malware works and technological interventions to stop it before users ever see it; however, the constant evolution of obfuscation techniques makes it difficult to prevent infection altogether. User interventions in the form of toolbars, dialogs, and user education have seen limited success. Previous research has focused on a prototypical type of malware; a sophisticated program that conceals itself (e.g., surreptitious download onto a host computer) or tries to fool the user by mimicking known, trusted websites (e.g., phishing attacks). The goal of our research is to understand users' experience, understanding of and response to search malware. The present research shows that even when confronted with blatantly unusual search behavior, people are unlikely to attribute blame to malware or to engage in behavior that may remedy the situation.