Definition

SEO poisoning (search poisoning)

SEO poisoning, also known as search poisoning, is an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results. The sites are associated with terms that large numbers of people are likely to be using in searches at any given time, such as phrases related to holidays, news items and viral videos. According to Websense Security Labs, up to a quarter of the first page of search results for trending topics are linked to malicious websites. 

Next Steps

The attackers create websites with names and descriptions associated with popular or trending topics. For example, in the weeks leading up to Halloween, the attackers might launch sites offering free templates for Halloween costumes; in the weeks or months leading up to Christmas, they might launch holiday recipe sites. The sites might be devoid of relevant content or might feature content stolen from valid sites. The real purpose, however, is to infect visitors with malware or fraudulently access sensitive information to be used for identity theft. Malware on the site may coopt the visitor's computer for a botnet or install a Trojan horse to steal login information. Another ploy is to present the user with a product that they think they are purchasing to access their credit card details. 

To protect yourself from search poisoning attacks, security experts recommend that you keep your browser and antivirus software up to date, avoid clicking suspicious-looking links and never provide personal information online unless you're certain the site is valid and the transaction is secure. 

 

This was last updated in October 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • distributed denial-of-service attack (DDoS)

    - On the Internet, a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted... (SearchSecurity.com)

  • confidentiality, integrity, and availability (CIA)

    - Confidentiality, integrity, and availability (CIA) is a model designed to guide policies for information security within an organization. In this context, confidentiality is a set of rules that lim... (WhatIs.com)

  • virtual patching

    - Virtual patching is the quick development and short-term implementation of a security policy meant to prevent an exploit from occurring as a result of a newly discovered vulnerability. A virtual pa... (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Malware

    - Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Dig Deeper

Continue Reading About SEO poisoning (search poisoning)

People Who Read This Also Read...

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top