SEO poisoning definition
SEO poisoning, also known as search engine poisoning (SEP), is a malicious tactic used by cybercriminals to manipulate search engine results in order to promote harmful websites. The goal of SEO poisoning is to trick users into clicking on malicious links that appear to be legitimate search results, often leading to phishing sites, malware, or other forms of cyberattacks.
See also: data poisoning, route poisoning
Types of SEO poisoning attacks:
- 1.Malware distribution. Users who click on poisoned search results are often redirected to a website that attempts to download malware onto their device, such as ransomware, spyware, or trojans.
- 2.Phishing attacks. SEO poisoning can be used to direct users to phishing websites that look like legitimate login pages (e.g., for banking or email), tricking users into providing sensitive information such as passwords or credit card details.
- 3.Fake antivirus scams. In some cases, SEO poisoning promotes fake antivirus software that claims to detect viruses on a user's system and then prompts them to purchase fake or ineffective solutions.
How SEO poisoning works:
- Exploiting SEO algorithms. Attackers use SEO techniques to make their malicious websites rank highly in search engine results for popular or trending keywords.
- Link farming. Attackers create networks of fake websites or compromised websites that link to the malicious site. These links help boost the ranking of the harmful site by appearing to generate "organic" backlinks.
- Targeting trending searches. SEO poisoning typically targets high-traffic keywords, such as breaking news, celebrity gossip, and trending topics.
- Creating malicious websites. The attackers create websites that appear legitimate but are designed to deliver malware, initiate phishing attacks, or steal personal information.