As the old saying goes, if it ain’t broke, don’t try to fix it.
Unfortunately, that applies to the tactics used by cybercriminals just as much as it applies to legitimate businesses. It’s why distributed denial of service (DDOS) attacks have been around for decades. And it’s why ransomware has changed so little over the years.
Sure, we’re seeing more sophisticated distribution tactics, but ultimately modern ransomware works nearly the same as ransomware from a decade ago.
With that in mind, it appears another blast from the past has started to re-emerge. At least a few of you probably remember the early days of search engine optimization (SEO). Back when search engines were akin to a virtual wild west, black hat tactics were the best way to rank.
What Is SEO Poisoning?
You likely also recall how many malicious websites rose to the top of the search engine results page (SERP), abusing SEO to serve poisoned results to users, hence the term SEO poisoning. It didn’t take long for Google and other search engines to release algorithm updates that shut down most of the shadier tactics. But just like life, criminals always find a way.
Today, SEO poisoning takes a different form.
First, criminals create a website and take great pains to make it look as legitimate as possible. From there, they begin ‘trend chasing,’ leveraging their understanding of SEO in an effort to gain a prominent position on the SERP. There’s no limit to the number of keywords a single malicious domain may target in this manner.
Security firm Websense Security Labs estimates that these malicious websites represent as much as a quarter of the first page of search results for trending topics.
Generally, the objective is fraud or identity theft. Hackers will use the poisoned sites to steal the personal details of unsuspecting users. They might also inject ransomware onto a victim’s system, add another node to a botnet, or — if they’re lucky enough to infect a PC belonging to a webmaster — hijack another website to add to their malicious network.
How Do I Protect Myself From SEO Poisoning?
As with many types of cyberattacks, a little mindfulness goes a long way.
- Be incredibly wary of opening a website you’ve never heard of before, particularly if you’re searching for a trending topic.
- We also strongly recommend installing an up-to-date antivirus.
- Use a password manager for both your personal accounts and your business accounts.
- Keep all your software and systems up to date.
- It may be worthwhile to use a VPN or invest in a router that has built-in encryption.
- Consider installing an ad blocker and blocking scripts, as ad networks and malicious scripts are two prevalent delivery mechanisms.
If you own or operate a website, the same rules apply — remain vigilant, and put in the necessary work to keep your personal files and your professional data safe.
