chackraview.net

What is SEO

Search engine optimization (SEO) is the process of improving the volume or quality of traffic to a web site.  As an internet marketing strategy, webmasters edit the HTML content to increase its relevance to popular keywords; thereby raising ranking of their websites.

SEO techniques can be broadly categorized under white hat and black hat techniques.
Wikipedia says

“A search engine optimization technique is considered white hat SEO if it conforms to the search engines’ guidelines and involves no deception while Black hat SEO attempts to improve rankings in ways that are disapproved of by the search engines, or involve deception. One black hat technique uses text that is hidden, either as text colored similar to the background, in an invisible iframe tag.”

SEO poisoning attacks are primarily the attacks on popular websites that make use of  hidden iframe tags. An attacker creates a fake web page with proper SEO and using hidden iframes redirects web browsers to rouge websites.

The recently released Apple ipad is utilized for Blackat SEO poisoning attack.

When searched with keywords such as “Apple ipad”, “Apple tablet”, “Apple tablet announcement” or “Apple ipad rumor” on Google or any search engine, the results yield websites which may compromise your system.

Usage of Search Engine Optimization (SEO) Poisoning pushes the infected URLs to the top of the search results, thus, increasing the chance of a user clicking the malicious URL.
Hypothetically, if a user clicks the URL from a search result, he gets redirected to a malicious web site pretending as fake anti-virus or fake video codec software.
For instance, when I clicked on one such link, I was redirected to a website pretending to be rogue antivirus software which freely scanned my laptop online and displayed bunch of virus infections.

After the scan, website also popped up a message box asking me to fix the problems. As soon as I clicked on the message box, a rogue antivirus software installer was downloaded on my system.

After installation of this so-called antivirus, it performed a complete scan of my system and displayed numerous problems which even my fully updated commercial antivirus software was unable to make out. When asked to fix the discovered problems, it invited me to purchase a full version of software for a discounted price of $69.

Beware of such websites !!!

Conclusion:

No anti-virus software ever does free online scanning and display infections on your screen. These are just sophisticated social engineering techniques used by malicious hackers to fool users.

Cyber criminals are targeting popular and controversial events and harvesting keywords to perform SEO poisonings attacks. They tend to catch attention of users who later get trapped in this vicious circle.  The Tiger Woods story is one such incident that made mole out of the mountain.

So, all that glitters is not gold, apni akal lagao

References:

• Virus total analysis of so called Antivirus software