Crooks try to romance users with Valentine's Day spam

Eat your heart out, cupid. Valentine's Day still is nearly two weeks away, but the lover's holiday is already attracting the attention of the web's criminal element.

Researchers at Trend Micro on Monday said they have spotted two spam campaigns — one promoting a fake gift card promotion, the other counterfeit watches — in the wild, Maria Alarcon, an anti-spam engineer, said Monday in a blog post. As Valentine's Day nears, internet users should expect the scams to get more malevolent.

"Every special occasion and/or holiday is, in today's threat-laden internet landscape, not just a time for people to celebrate but also a time for spammers to scam unwitting users with their devious scams," Alarcon said, adding that in more malicious cases, the fraudulent emails show up containing links or attachments to viruses.

And if previous holidays and media events are any indication, users also should be on the lookout for poisoned search results, also known as black hat search engine optimization (SEO). Attackers use this tactic to get their malicious links near the top of search results so users are fooled into believing the results are legitimate.

Black hat SEO is the new spam, Mike Geide, senior security researcher at Zscaler, a web security firm, said in a blog post last week. The recent Haiti earthquake is a prime example of this, he said.

"It used to be that when you checked your email and/or email spam folder, there would be a slew of messages with links or attachments that would have titles related to the popular subjects of the time, and would be used to spread malware," he said. "Now the game seems to be that you sip your morning coffee and browse the web — largely driven from search results from Google. However, many of these search results cannot be trusted."

Google has said it uses manual and automated processes to remove malware from its search index.