Ford Targeted in Malware Scam


Targeted Blackhat SEO Attack against Ford Motor Co. from Panda Security on Vimeo.

SEO attack attempts to steal credit card data

By Michael Gauthier
April 15, 2009 2:32 PM
Filed Under: American, Ford, Gadgets, Industry

Ford has revealed that they are being targeted in a black hat Search Engine Optimization (SEO) malware attack.

This type of attack directs users who search for Ford related information to malicious websites where they will be asked to download a "codec" in order to view the information they are looking for. After a person accepts the download, a fake anti-virus program pops up and informs them that their computer is infected and they need to purchase a fraudulent anti-virus program in order to clean it.

When the unsuspecting individual enters their personal information and credit card data, it is sent to these virtual criminals who will likely rack up huge bills in their name and cause a plethora of other problems. If a person declines to purchase the fake software, it retaliates by preventing the computer from working properly in an attempt to force the user into buying the bogus program.

Although it is unclear as to how wide spread this attack is, Ford is working with Google and other search engines to help mitigate the impact.

As always, be sure to regularly update and scan your computer with the latest anti-virus and anti-malware software.

Press Release

DEARBORN, Mich, Apr. 14, 2009 - Ford Motor Company was made aware of a black hat Search Engine Optimization (SEO) attack using the Ford Motor Company name as bait to distribute malware on the Internet. Ford is collaborating with Google and other search engine companies to mitigate the impact.

These attacks work by misleading search engines to falsely promote malicious pages to the top of the search results. Once the user visits one of the malicious sites, they are prompted to download and install a malicious "codec", which then installs software that mimics anti-virus software.

These fake antivirus programs are designed to make users believe that their computers have been infected by malware. Users are then offered the chance - through pop-ups and banner ads - to buy the fake antivirus to clean their computers. If the victim does not purchase the bogus antivirus, the malicious code will prevent the computer from operating properly in an attempt to coax users into buying the product.