Definition

SEO poisoning (search poisoning)

SEO poisoning, also known as search poisoning, is an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results. The sites are associated with terms that large numbers of people are likely to be using in searches at any given time, such as phrases related to holidays, news items and viral videos. According to Websense Security Labs, up to a quarter of the first page of search results for trending topics are linked to malicious websites. 

The attackers create websites with names and descriptions associated with popular or trending topics. For example, in the weeks leading up to Halloween, the attackers might launch sites offering free templates for Halloween costumes; in the weeks or months leading up to Christmas, they might launch holiday recipe sites. The sites might be devoid of relevant content or might feature content stolen from valid sites. The real purpose, however, is to infect visitors with malware or fraudulently access sensitive information to be used for identity theft. Malware on the site may coopt the visitor's computer for a botnet or install a Trojan horse to steal login information. Another ploy is to present the user with a product that they think they are purchasing to access their credit card details. 

To protect yourself from search poisoning attacks, security experts recommend that you keep your browser and antivirus software up to date, avoid clicking suspicious-looking links and never provide personal information online unless you're certain the site is valid and the transaction is secure. 

 

This was last updated in October 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • active attack

    - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target. In a masquerade attack, for example, the intruder pretends to ... (WhatIs.com)

  • passive attack

    - A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data ... (WhatIs.com)

  • cryptography

    - Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. The term is most often associated with scrambling ... (SearchSoftwareQuality.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About SEO poisoning (search poisoning)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.