SEO Poisoning Attack: A Look Inside How It Works

  • By

    Ericka Chickowski

Step 1: Compromise legitimate web sites

Step 1: Compromise legitimate web sites

These will be used to form the foundation of the attack.
One of the biggest risks that users run across during their everyday Internet browsing at the moment is from what security researchers call search engine optimization poisoning or SEO poisoning. Criminal hackers are taking advantage of our blind trust in popular search engines such as Google and Bing to trick us into clicking into malicious links. The bad guys use blackhat SEO techniques to boost the page rankings of their bogus sites. As these higher ranked sites start breaking into the top ten and top 20 results of a popular search term, users are lured into trusting the links. Capitalizing on anything from the Haiti earthquake to Mel Gibson's rants to the World Cup, these hackers use the links to bait users and then reel them in with malicious downloads. They unwittingly click into a malicious link due to their trust in the search engine. Channel Insider examines just how SEO poisoning is carried out by these bad guys and how common it is to see malicious links within legitimate search results. You may be surprised.
This article was originally published on 2010-08-13