It’s the Most Wonderful Time… for SEO Poisoning!

SEO poisoning_header
‘Tis the time of year for eggnog and holiday tales. Here is a holiday story for you to be mindful of when browsing online.

When searching for something on the Web, most people type in a few keywords into a search engine, such as Yahoo!, Google, or Bing and press enter. And by the magic of the Internet, you’re presented with a list of results within a fraction of a second.

And like most people, you probably look only at the results from the first page of the search engine results page (also known as SERP). Website owners understand this mechanism, that the more visible (or higher ranked) their website is, the better chance of someone visiting their page. If a website is built with revenue in mind, a high ranking is critical to its success.

So, to help with creating better website visibility, owners employ a marketing technique called Search Engine Optimization (SEO). Also called White Hat SEO, these are legitimate techniques that fully comply with search engine rules and policies.

But there’s always a twist in these tales. In this case, cybercriminals also employ SEO techniques. This is called Black Hat SEO or SEO poisoning, where the techniques violate search engine rules and policies and can result in a page being banned from a search engine. Cybercriminals manipulate search results, so visitors who click on the highly ranked (and poisoned) results are redirected to a malicious website or a compromised legitimate website. From there, the visitor can be hit by malware through drive-by-download or have their personal information compromised through a scam.

Let us explain some different techniques cybercriminals use to poison search results and what you can do to stay safe this holiday season.

How Cybercriminals Poison Search Results
Keyword Stuffing
Cybercriminals manipulate search results by stuffing irrelevant keywords into a website, tricking search engines into ranking the website higher. In fact, as you do your holiday-related searches, cybercriminals are very familiar with the buzzwords users will search. They’ll then stuff those keywords into the malicious sites they want users to browse.

Cloaking
Cybercriminals can cloak a website, where content displayed to a search engine and a visitor are vastly different. For example, a user who searches for “best online deals” could wind up on a website that redirects to pornographic content or pops up a fake antivirus scanner.

Link Farming
Cybercriminals create link farms, which are websites that contain a mass of unrelated links. The sole purpose of link farms is to increase the ranking of other websites. Farm links rely on quantity rather than on quality and relevance of backlinks to achieve higher page ranking.

Stay Safe This Holiday Season
Search with Caution
Cybercriminals are hoping online shoppers will be busy using their search engines to look for the best holiday deals online. And they certainly hope users will find themselves on one of their malicious sites. Be vigilant and pay attention to the results you get when you search for online deals, coupons, sales, as well as any topics that may be trending or late-breaking during this time of the year.

Always Verify the Address in the URL
It’s a good habit to verify the website before entering in any personal information. Since cybercriminals can redirect users to malicious or phishing sites that look like the real deal, verifying the URL in the address bar can mean the difference between a cheerful holiday spent with friends and family or one spent making phone calls to your bank, credit card company, and consumer credit report services.

Make Sure Your PC Has an Antivirus and Firewall
Even if you’re vigilant about what you click on, it’s critical that your PC is equipped with an antivirus and firewall. Even more importantly, your security software should be up-to-date with the latest definitions. Since legitimate and respectable websites can harbor malware when compromised, it’s always good to know your antivirus and firewalls can be your backup.