Over the past four days the scammers have used so-called redirector links on Web sites belonging to magazines, universities and, most remarkably, the Microsoft.com and IRS.gov domains, said Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham, who first reported the activity on his Tuesday.

Many Web sites use redirector links to take visitors away from the site, although the Web site operators try to stop them from being misused by scammers. For example, the Google URL uses Google's "I'm feeling lucky" feature to send Web surfers to IDG.com.

If criminals can use a redirector on a major Web site like Microsoft.com or IRS.gov, however, they can make their malicious links pop up very high in Google search results, Warner said in an interview.

"Microsoft is a super-powerful site as far as search engine weight is concerned," he said.

The bad guys have tricked search engines into returning their malicious links to tens of thousands of search terms, Warner said. They've done this by using special software to add these redirector links to "tens of thousands of blog comments, guestbook entries, and imaginary blog stories all around the Internet," Warner said in his blog posting.