Home Sophos sheds light on SEO poisoning

Sophos sheds light on SEO poisoning

Press Release: April 19, 2010

A new report published by anti-virus software provider Sophos shows that SEO(search engine optimisation) poisoning techniques are increasingly being used to drive internet users to malicious websites containing malware and Trojans.

According to Sophos, there have been a large number of so-called 'black hat' SEO attacks of late, and the latest appear to use the Moscow subway bombing as a hook to draw users in.

In its report, Sophos claimed that, at the time of writing, the popular press is littered with stories of cyber criminals using unethical search engine optimisation techniques to spread viruses, Trojans and malware.

And, as a result, the firm has thoroughly investigated the use of 'black hat' SEO kits, which are used to automate the search engine optimisation process; allowing cyber criminals to push their dodgy websites into the public arena by boosting their Google and Yahoo search rankings quickly and easily.

Sophos hopes its investigation will help in the fight to stamp out the practice.

"As for other web-based attacks, it is the combination of URL filtering and content inspection that provides the best protection for users against SEO attacks. Monitoring the currently active SEO attacks enables collection of the redirection URLs involved, which can then be appropriately blacklisted," Sophos claimed.

The firm added: "Content scanning on the web server can also add significant protection against SEO attacks, providing detection for the scripts used in SEO kits and PHP backdoors. Such detections can give administrators an early heads up of a potential server compromise."

Sophos concluded by saying that the practice was "beautiful in its simplicity" and because SEO poisoning exploits search engine indexing - a wholly automated, algorithm-based process - attacks are unlikely to become less prolific over the short-term.

"While the attacks continue to succeed, there is little need for the malware authors and distributors to change the formula," Sophos said.

Commenting on the new report, search engine optimisation expert Sam Tilston said there are a number of ways firms can protect their SEO strategies from the after-effects of poisoning attacks.

Mr Tilston claimed that the best strategy is to focus on "offering internet users a good value and helpful website", which over time will "win out against exploitative tactics" used by malware and Trojan distributors.

"Ensure that only ethical techniques are used, otherwise known as 'white hat' SEO. This can be done by checking SEO methods against those recommended by Google," Mr Tilston said.

Notes to editors

For more information, please contact: