|
SEO Blackhatters Target Ford Via Google |
 |
|
pPandaLabs has identified over a million spam links used to target Google searchers looking for information about automotive parts from Ford and Nissan especially. Panda calls it ldquo;a major Blackhat SEO attackrdquo; designed to dupe searchers into downloading spyware or purchasing phony security software. br /
br /
Searching for the keyphrase ldquo;Diagram Of A 1998 Nissan Pathfinder Blower Motor,rdquo; for example leads to a Google results page packed with spammy sites. A savvy user can
identify them by their unusual URLs starting with an arbitrary number, followed by nonsensical combinations of letters and resolving to Polish domains./p
centerimg border="0" style="margin: 4px;" src="http://images.ientrymail.com/webpronews/article_pics/blackhatspam1.jpg" alt="Spammy Search Results" title="Spammy Search Results" //center
pbr /
These types of URLs went on for ten pages before I stopped lookingmdash;ten pages of weird Polish results for an English query, all mentioning different Nissan Pathfinder parts diagrams. This is a serious error in Google relevance: wrong language, wrong country, wrong parts (bringing back a door handle diagram isnrsquo;t the intent of the searcher in this instance), wrong sites, all of them likely created very recently.br /
br /
Clicking on any of the links is likely to lead to a webpage prompting the searcher to download a codec that is actually malware designed to present bogus security warnings. The malicious program then prompts the user to spend as much as $80 to download the security program to get rid of the viruses. This type of malware is called ldquo;scarewarerdquo; or ldquo;roguewarerdquo; and has become so popular among the underground lately probably because it works.br /
br /
Sean-Paul Correll, a security analyst for PandaLabs provides a a href="http://pandalabs.pandasecurity.com/archive/Targeted-Blackhat-SEO-Attack-against-Ford-Motor-Co_2E00_.aspx"partial list of the keywords/a and phrases targeted in this highly organized attack and provides a video to illustrate how it works. Though many of the examples target Nissan, Panda says over a million target Ford alone./p
pnbsp;/p
center object height="300" width="400"
param value="true" name="allowfullscreen" /
param value="always" name="allowscriptaccess" /
param value="http://vimeo.com/moogaloop.swf?clip_id=4143942amp;server=vimeo.comamp;show_title=1amp;show_byline=1amp;show_portrait=0amp;color=amp;fullscreen=1" name="movie" /embed height="300" width="400" allowscriptaccess="always" allowfullscreen="true" type="application/x-shockwave-flash" src="http://vimeo.com/moogaloop.swf?clip_id=4143942amp;server=vimeo.comamp;show_title=1amp;show_byline=1amp;show_portrait=0amp;color=amp;fullscreen=1"/embed/object/center
pbr /
a href="http://vimeo.com/4143942"Targeted Blackhat SEO Attack against Ford Motor Co./a from a href="http://vimeo.com/user1239040"Panda Security/a on a href="http://vimeo.com"Vimeo/a./p
pldquo;This case is especially interesting because itrsquo;s one of the few SEO attacks that we have seen targeting a single, specific brand,rdquo; said Correll. br /
br /
How are cybercrooks accomplishing such search engine dominance? Well, there are a number of blackhat SEO tactics, and it would be hard to identify exactly which ones. But one obvious tactic is fooling Googlersquo;s trust algorithm by slipping in links to target sites on trusted sites. In a Web 2.0 era defined by reader commentary and user-generated content, this becomes especially easy to accomplish./p
centerimg border="0" title="Spammy Comments" alt="Spammy Comments" src="http://images.ientrymail.com/webpronews/article_pics/blackhatspam2.jpg" style="margin: 4px;" //center
pbr /
Running a quick a href="http://www.google.com/search?hl=enamp;safe=offamp;q=link%3A+371.tgkovmy.az.plamp;btnG=Search"link check/a of some of the results Google was returning show spammers have made use of a comments section on a href="http://www.beerinator.com/index.php"Beerinator.com/a, a North Carolina-based beer enthusiast community, and also of the comments section on a href="http://www.logrithmic.com/"Logrithmic.com/a, a music blog. Ever seen a bunch of nonsensical text or irrelevant ldquo;nice siterdquo; comments with a link?/p
centerimg border="0" title="Random Word Spam" alt="Random Word Spam" src="http://images.ientrymail.com/webpronews/article_pics/blackhatspam3.jpg" style="margin: 4px;" //center
pThese appear to be the main tactics. The spammers also take advantage of forumsmdash;one link showed up on this a href="http://www.paramedicsa.co.za/"South African paramedics forum/a, the commentary section of which is a veritable spam bonanza. Beyond that, all these strange Polish sites seem to link to each other.br /
br /
Correll said Google could (and presumably does) monitor these attacks in house, but the company also has the option of outsourcing security to other companies to combat them. ldquo;They could also try to modify their algorithm, but that is not really a viable option given the expense and the high likelihood of technical issues (i.e. negative impact on their core search IP and capabilities).rdquo; br /
br /
Google did not return request for comment about what Google is doing about a spate of similar attacks or whether recent tweaks to their algorithm have allowed it. br /
nbsp;/pdiv class="feedflare"
a href="http://feeds2.feedburner.com/~ff/SEO-News-WebProNews?a=wcLOgq2RnrY:xiODLxEptN0:yIl2AUoC8zA"img src="http://feeds2.feedburner.com/~ff/SEO-News-WebProNews?d=yIl2AUoC8zA" border="0"/img/a
/divimg src="http://feeds2.feedburner.com/~r/SEO-News-WebProNews/~4/wcLOgq2RnrY" height="1" width="1"/ Read Full Story: |
