This technique isn't new, but seems to be widening on Google and is particularly successful on Twitter where links are spread fast and furiously and people often don't think before they click.
In the Twitter scam, hundreds of fake accounts have been posting tweets that reference the band Phish, which has a cult-like following, according to a PandaLabs blog.
There were so many of the tweets, which say "PhishTube Broadcast," that the term showed up in the Trending Topics list. The tweets contain links that eventually lead to spoof porn pages that infect victims with the fake antivirus malware if they click anywhere on the page, PandaLabs said.
PandaLabs researchers also discovered links to malicious Web sites high up in searches on Google for "Microsoft" and its "Project Natal" gaming technology. The malicious sites display fake messages saying the computer is infected with viruses and offer to sell antivirus software.
The researchers then tried other popular searches and found 16,000 malicious links targeting "YouTube," 10,500 targeting "France" and "airline crash" and thousands of others targeting people searching on "E3," "Sony," and "Eminem" with "MTV Awards" or "Bruno," according to another PandaLabs blog post.
By Elinor Mills
©2009 CBS Interactive Inc. All rights reserved