What is SEO poisoning and how do I prevent it?
Definition of Search Engine Optimization Poisoning
SEO poisoning is a term for a complex black-hat method of attacking your computer by using websites that selectively “poison” or infect users with spyware, viruses, or other malware. SEO Poisoning is different from other such attacks because it is hard for a search engine to see, since the rogue site will deliver “innocent” looking content to search engine spiders and many visitors, but will turn around and hit some searchers with infections. This can be done by using back-end software to determine that the user has come from a search on Google, Yahoo, or Bing, figuring out the browser type, and then launching an attack on a vulnerable user.
Infected users can end up having usernames and passwords stolen, or they could end up with a computer that is part of a “bot net” that is assigned to spam other users, deliver more malware, or send illegal content across the internet anonymously. In all cases, such infection is bad for the user’s system, since it slows down processes, eats up your bandwidth, and may cause damage to your operating system as well as your reputation. A site that does SEO poisoning may look deliberately boring, since it will otherwise follow search engine optimization principles that are designed to get good web rankings for competitive keywords.
What are some solutions to SEO poisoning? For one thing, secure browsing appears to prevent the attack from deploying (at least for the time being) since the referrer is not seen as a normal search query. Keeping your security settings up to date is always a good idea, because some attacks can’t be stopped until they try to hit your system. Note that SEO poisoning can successfully prevent the “this site may harm your computer” warning that is seen on infected websites.
Notes and Special Information
Special note: This type of attack is hard to prevent or prove, so it pays to keep your software updated.