What is Search Engine Poisoning?

Search engine poisoning exploits the use of search engines to spread malware and viruses. This practice is becoming more prominent as a means of stealing credit card information. Generally, hackers will employ black hat SEO methods to gain higher search rankings for particular terms that launch rogue antivirus software upon clicking, followed by collecting credit card information. Blackhat SEO kits are readily available on the web and are used to manage a search engine manipulation attack that generates pages stuffed with keywords designed to make the page appear high up in search engine results. These kits can also create networks of thousands of crosslinked pages that contain this search engine-friendly content on hot topics. Often, big breaking news stories will be exploited to subvert searches in order to steer surfers towards scareware, malware or other scams. For example, after the Chilean earthquake in 2010, phony pages containing malware shot up the search engine listings immediately following the breaking news. As time went on more legitimate stories, blog articles and websites of charity organizations that have updated their content to include the disaster pushed the poisonous listings back down the search engine results pages. However, the next big news story will soon be subverted by search engine poisoning again, making it a recurring threat.

Comments are closed.