Don’t Be Fooled – Prevent SEO Spam From Selling You on Anti-Virus Software

In a recent post I commented on how I believe that Kapersky Labs is wrong when they claim that the amount of fake anti-virus software will decline in the upcoming year. Malicious hackers show no signs of leaving behind the BlackHat SEO techniques that made them rich over the past few years.

Riding the news story of Brittany Murphy’s untimely death just weeks ago, attackers immediately began crafting rogue websites that contain malicious scripts used to trick the visitor into believing that their computer is infected with dangerous malware. This tactic, known as Scareware, frightens the visitor into purchasing anti-virus software or other malware removal tools from the attacker. Of course, this anti-virus solution is bogus and at times the credit card used to purchase the software is often stolen by the attacker as well.

Search Poisoning
To successfully implement this attack, the malicious hacker needs to first draw visitors to their illegitimate site. Using a BlackHat SEO technique known as Search Poisoning, the attacker’s site is pushed to the top of the search engine page rankings. According to Websense, a search for “Brittany Murphy death” returned several malicious links within the top ten results as a result of this technique.

To achieve such a high page ranking, attackers make use of comment spam from legitimate sites such as blogs, comment spam on forum posts and other tricks like back linking. To further enhance their results, many scrape the latest content from legitimate news sources hiking their ranking and fooling visitors into trusting them as a news provider.

Don’t Become a Victim
In mid-December, the Federal Bureau of Investigations addressed this problem by putting out a press release describing how this attack works and what people should do if they encounter scareware, or malvertising as the FBI calls it.

·    Run legitimate anti-virus software on your computer
·    Keep virus definitions and/or signature files up to date
·    Only install software from trusted sources
·    Do not give your personal or financial information to anyone without knowing exactly who it is
·    Report scareware sites to the Internet Crime Complaint Center (IC3)

How it Hurts
Of course, search poisoning hurts by pushing legitimate sites down further in the page rankings. Organizations who work hard at producing quality content are hardly noticeable when their keywords become the target of this technique. In the long run, search poisoning and other BlackHat SEO techniques are going to continue to damage the trust people have in smaller online publishers. While Mashable, TechCrunch, Huffington Post and the other giants may not see much more than a dent in their level of trust among readers, new blogs and websites may find that in addition to fighting for traffic, they will be fighting for legitimacy among visitors.

With the upcoming Olympic Games and another year of sensationalized news stories around the corner, we can only assume that these attacks will escalate, especially when the FBI claims that over 150 million dollars have been spent on bogus anti-virus software. To that end, we can also expect the search engines to look at ways to prevent attackers from working their way to the top of the rankings. With increased scrutiny from both visitors and search engines, publishers need to make sure that the SEO campaigns they employ are both legitimate and ethical. Skirting the boundaries of BlackHat techniques could wind up backfiring once the algorithms and visitors begin to look twice at sites that spam for traffic.