"With only a few days left before the tournament starts, if a user
searches for popular March Madness-related terms in Google, malicious
URLs as high as the first result are returned. Search terms that
currently exist within the Top 10 of Google's Hot Trends (the most
popular search results) return these malicious URLs.
If a user clicks through these links (such as
hxxp://[removed].de/news/nit_bracket_2009.html) they are redirected,
via Javascript code, to a Web site advising the user that their machine
is infected. The rogue AV Web site encourages the user to install a
file called install.exe.
The technique of search engine optimization (SEO) poisoning…"
Read more: http://securitylabs.websense.com/content/Alerts/3322.aspx
