It’s the Most Wonderful Time… for SEO Poisoning!

SEO poisoning_header
‘Tis the time of year for eggnog and holiday tales. Here is a holiday story for you to be mindful of when browsing online.

When searching for something on the Web, most people type in a few keywords into a search engine, such as Yahoo!, Google, or Bing and press enter. And by the magic of the Internet, you’re presented with a list of results within a fraction of a second.

And like most people, you probably look only at the results from the first page of the search engine results page (also known as SERP). Website owners understand this mechanism, that the more visible (or higher ranked) their website is, the better chance of someone visiting their page. If a website is built with revenue in mind, a high ranking is critical to its success.

So, to help with creating better website visibility, owners employ a marketing technique called Search Engine Optimization (SEO). Also called White Hat SEO, these are legitimate techniques that fully comply with search engine rules and policies.

But there’s always a twist in these tales. In this case, cybercriminals also employ SEO techniques. This is called Black Hat SEO or SEO poisoning, where the techniques violate search engine rules and policies and can result in a page being banned from a search engine. Cybercriminals manipulate search results, so visitors who click on the highly ranked (and poisoned) results are redirected to a malicious website or a compromised legitimate website. From there, the visitor can be hit by malware through drive-by-download or have their personal information compromised through a scam.

Let us explain some different techniques cybercriminals use to poison search results and what you can do to stay safe this holiday season.

How Cybercriminals Poison Search Results
Keyword Stuffing
Cybercriminals manipulate search results by stuffing irrelevant keywords into a website, tricking search engines into ranking the website higher. In fact, as you do your holiday-related searches, cybercriminals are very familiar with the buzzwords users will search. They’ll then stuff those keywords into the malicious sites they want users to browse.

Cloaking
Cybercriminals can cloak a website, where content displayed to a search engine and a visitor are vastly different. For example, a user who searches for “best online deals” could wind up on a website that redirects to pornographic content or pops up a fake antivirus scanner.

Link Farming
Cybercriminals create link farms, which are websites that contain a mass of unrelated links. The sole purpose of link farms is to increase the ranking of other websites. Farm links rely on quantity rather than on quality and relevance of backlinks to achieve higher page ranking.

Stay Safe This Holiday Season
Search with Caution
Cybercriminals are hoping online shoppers will be busy using their search engines to look for the best holiday deals online. And they certainly hope users will find themselves on one of their malicious sites. Be vigilant and pay attention to the results you get when you search for online deals, coupons, sales, as well as any topics that may be trending or late-breaking during this time of the year.

Always Verify the Address in the URL
It’s a good habit to verify the website before entering in any personal information. Since cybercriminals can redirect users to malicious or phishing sites that look like the real deal, verifying the URL in the address bar can mean the difference between a cheerful holiday spent with friends and family or one spent making phone calls to your bank, credit card company, and consumer credit report services.

Make Sure Your PC Has an Antivirus and Firewall
Even if you’re vigilant about what you click on, it’s critical that your PC is equipped with an antivirus and firewall. Even more importantly, your security software should be up-to-date with the latest definitions. Since legitimate and respectable websites can harbor malware when compromised, it’s always good to know your antivirus and firewalls can be your backup.

6 thoughts on “It’s the Most Wonderful Time… for SEO Poisoning!

  1. Thanks much. Think about it. How many of us checked this URL before we started reading this page?
    Happy Safe Holidays to all. Mary

  2. There should be no such thing as a “drive-by-download”!! If it is possible to have a file downloaded to your computer without your specific and deliberate consent (via a *physical* mouse click, followed up by an explicit confirmation from the OS), then the people who design and build our web browsers and security software have failed us abysmally!

    • John, this has been on-going for quite some time. Soft ware based computers have entry points you must to seal off from the outside world or you may be attacked if you have what hackers want. Hard ware based computers are most difficult to hack but security precautions still are to be taken with them. ZoneAlarm firewall is a MUST! as it prevents attacks before they start. There are many thoughts to antiviral programs; I happen to use AVG. Steve Gibson Research can offer advanced insight on how to secure the computer to those with advanced skills. Try the “Shields Up” program to see where your computer rates. Merry Christmas and Happy New Year.

      • You are missing my point completely. It should *NOT* be necessary to add several additional layers of security to the browser in order to prevent unauthorized files from being downloaded to your computer. It is the browser — and the browser alone — which mediates the transfer of files between websites and the user’s machine. It is therefore the browser’s responsibility to identify any file which is not explicitly required to render a web page and which might pose a threat. Any browser which fails to do this should be banned from the face of the earth.

        The concept of a “drive-by-download” should never have existed in the first place, because *all* browsers should have been designed from the very beginning to prevent unauthorized downloads, via detection and user confirmation. It’s not a difficult thing to achieve, no matter how devious the malicious website authors might be.

        Note that I am *not* disputing the value of firewalls and anti-virus programs for other security purposes (unrelated to the browsing of web pages). I have both on my machine.

  3. You can use Trusteer rapport, you can secure your regular websites and indicator in the top right hand side will be green when your on the correct website.

Leave a Reply

Your email address will not be published. Required fields are marked *


2 + = three

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>