This is a subscriber-only article. Join Entrepreneur+ today for access

Learn More

Already have an account?

Sign in
Entrepreneur Plus - Short White
For Subscribers

Attacking Curiosity Poisoning search terms with infected links is a new favorite hacker trick. Make sure your business doesn't fall prey.

By Ericka Chickowski

Opinions expressed by Entrepreneur contributors are their own.

Tool: Norton Safe Web Lite
Company: Symantec
safeweb.norton.com/lite

Tool: SiteAdvisor
Company: McAfee
siteadvisor.com

Tool: SecureBrowsing
Company: Finjan
securebrowsing.finjan.com
SEO Poisoning on the Rise
• At any given hour, three of the top 10 search trends contain at least one malicious URL within the first 70 results.

• For "poisoned" search terms,15 links of the first 70 results typically are malicious.

• On any given day, 7.3 percent of links in the first 70 results for top search terms are malicious.

Source: Symantec

Even as most savvy business owners begin to grasp the significance that search engine optimization, or SEO, can play on their sites' popularity and click-through rates, so, too, are the denizens of the seamy underside of the cyberworld. High-tech security researchers warn that the bad guys are taking advantage of SEO to boost the page rankings of infected sites and spread malware for their financial gain.

Criminal hackers realize that most users trust Google search results implicitly, so they're gaming that system with a new attack technique called SEO poisoning. The idea is simple: Use SEO fundamentals to get a malicious site high up within a popular search term's results, trick searchers into clicking to the site and then hit them with something like a scam offer for fake antivirus software or a drive-by download.

The attack scheme has surged in popularity among hackers in the past year. Search topics ranging from the BP oil leak to World Cup mania have all returned top results littered with infected sites.

Business owners and their employees need to be vigilant about the potential for such attacks: Make sure to have antivirus software and keep the operating system and applications updated. Security companies also offer free browser plug-ins that automatically sense whether a site is malicious and warn you directly within your search results.

The rest of this article is locked.

Join Entrepreneur+ today for access.

Subscribe Now

Already have an account? Sign In