What is SEO Poisoning?
Search poisoning, or SEO poisoning, is the use of search engine optimization tactics to make a dangerous website appear legitimate and prominent in results of an online search.
What is SEO and how does SEO poisoning work?
Search Engine Optimization is a method of using certain keywords or other signals that will be noticed by search engines, allowing your web page to be shown in the results of a search engine more prominently.
The most-successful SEO attempts will push a particular web page higher in the list of ranked results displayed following any sort of online search with Google or other popular search engines.
SEO poisoning takes advantage of this process.
Cybercriminals might use SEO tactics in order to get their malicious web pages shown in the list of search engine results.
Websense Security Labs has estimated as many as 25 percent of the links that show up on the first page of an online search of trending topics link to dangerous websites.
This is done by building sites with names and keywords that tie in to trending topics – perhaps a popular news report or the name of a celebrity or politician.
Holidays are another trending search that pull in malicious website links.
For example, in the weeks leading up to Christmas, some malicious sites might appear to offer gift-giving ideas or holiday cookie recipes.
In fact, they are actually designed to inflict a dangerous program on your computer.
Hackers have used tragedies like earthquakes or floods to take advantage of searchers who were using the Internet to find information; celebrity deaths are another common target.
What are the dangers of SEO poisoning?
Like other online threats, SEO poisoning can lead to a variety of problems.
Victims who believe they are reviewing a legitimate website may be unknowingly installing a Trojan, worm or virus onto the system.
Once these malicious programs are installed, your private, personal identification is being threatened.
Criminals could access your bank account numbers, your phone number, your home address, your birth date, or any number of details.
They could also install keyloggers or programs that provide them with your usernames and passwords.
Once these criminals have your details, they can either use it for themselves or sell it to others for use.
This could empty your bank account or lead to credit problems.
Can I protect myself from SEO poisoning?
Yes, but protection often relies on awareness.
When you visit a website, be aware that poisoned pages might prompt you with a fake alert claiming your computer has been infected with a virus.
You may be asked to install a particular anti-virus program which, in reality, is only a malicious program.
Never click “OK” or “YES” when prompted to do so.
If possible, close the page. You may need to run an anti-virus program to see whether it detects a threat on your computer.
If you’re looking for news or websites related to trending or “hot” topics, don’t rely on search engines to find information.
Consider sites that you know are legitimate sources and go straight to those pages via your web browser, rather than through a search engine.
Keep your anti-virus and other security procedures on and updated.