To understand this attack, we have to step back to the basics with SEO. SEO stands for "search engine optimization." It is the work that goes into your website to help you rank higher when customers search for your business online. Search engines like Google and Bing use special software that quickly reviews or "crawls" the content on websites and then serves up the most relevant sites for a particular query. When your site's keywords are properly optimized, you'll get more visitors, which ultimately means more potential customers and more income.
There are all sorts of tricks and tips to improve your SEO ranking -- but that's another article for another time. These SEP attacks materialize in what is known as SEO spam. It's when an attacker injects your site with unwanted links and keywords. Hackers can insert links anywhere on your website, and depending on the tactics they employ, they can embed these links into the metadata or into your website's content. Hackers use basic HTML anchor elements to link to other pages. Some of the more common locations are header and footer files, because they load with each request, or specific widgets or menus. But we also see them sprinkled in titles and in the body content.
Perhaps the most pervasive of SEP attacks is the injection of pharmaceutical ads, but these days you can see injections for things like casinos, fashion and a wide range of other industries -- including things like services to write your school papers. In all these instances, attackers find a way to inject spam keywords, often attributed to backlinks to their sites of choice.
For example, if a local Seattle marketing consultant's website experienced SEO spam, it could soon stop showing up in relevant search queries, such as "Seattle marketing consultant" because search engines would instead pick up fraudulent or malicious keywords. In digital marketing, we call this "losing your ranking," or being knocked further down in the search results for a truly relevant query. Ultimately, this form of cyber attack can cost small-business owners and entrepreneurs business because customers are no longer finding them online.
This type of attack is so effective and interesting to attackers because it's often very difficult to detect (e.g., they are often injected in code that renders off screen) and built on an affiliate business that cares only about impressions, not conversions. What this means is that attackers make money based on the traffic (impressions) they generate for their customers. As long as they are generating traffic, they are happy. It's such an effective attack that in a recent study we conducted of 60,000-plus infected sites, we found over 73 percent of the infected sites were affected with this malware type.
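The injected links described above are ordinary anchor elements, often placed where they render off screen. As an added example (not from the original article), here is a check a site owner could run over their own pages: it flags external links that sit inside hidden containers or whose link text carries spam keywords. The style patterns, keyword list, hostnames and sample HTML are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumed heuristics: inline styles that hide content or push it off screen.
HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|font-size\s*:\s*0(?![.\d])"
                    r"|(?:left|top|text-indent)\s*:\s*-\d{3,}", re.I)
# Constructed word list for the industries the article names.
SPAM = re.compile(r"\b(pharmacy|pills?|casino|poker|essay writing)\b", re.I)
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "source", "wbr"}

class SpamLinkScanner(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host, self.stack, self.current, self.findings = site_host, [], None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        # Hidden if its own style hides it or any open ancestor is hidden.
        hidden = bool(self.stack and self.stack[-1][1]) or bool(HIDDEN.search(attrs.get("style") or ""))
        if tag not in VOID:
            self.stack.append((tag, hidden))
        host = urlparse(attrs.get("href") or "").hostname if tag == "a" else None
        if host and host != self.site_host and not host.endswith("." + self.site_host):
            self.current = {"href": attrs["href"], "hidden": hidden, "text": ""}

    def handle_data(self, data):
        if self.current is not None:
            self.current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self.current is not None:
            self.current["spam_keyword"] = bool(SPAM.search(self.current["text"]))
            if self.current["hidden"] or self.current["spam_keyword"]:
                self.findings.append(self.current)
            self.current = None
        for i in range(len(self.stack) - 1, -1, -1):  # tolerate unclosed tags
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def scan(html, site_host):
    scanner = SpamLinkScanner(site_host)
    scanner.feed(html)
    return scanner.findings

# Constructed sample page (hostnames are placeholders).
SAMPLE = """<header><a href="/services">Services</a> <a href="https://partner.example.org/">Our partner</a></header>
<p>Seattle marketing consultant<div style="position:absolute; left:-9999px">
<a href="http://pills.example.net/buy">cheap pharmacy pills</a> <a href="http://games.example.net/">play now</a></div>
<footer><a href="http://bets.example.net/">online casino bonus</a></footer>"""
```

Calling `scan(SAMPLE, "example.com")` returns the two hidden links and the visible footer link with spam text, and leaves the legitimate partner link alone. It reads inline styles only, so links hidden through a stylesheet class or injected by script need a rendered-DOM check instead.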
Negative impact of SEO spam
SEO spam can also hurt a business's reputation and mislead potential customers about the content of the site. This is because negative and incorrect keywords could direct straight to the business's website, giving off an unprofessional or even fraudulent appearance. For example, a high-end salon could have the incorrect keywords "cheap sunglasses" associated with its website. If this happens, visitors may think the site is a scam, or misinterpret what the business actually is. One of the ways that Google will punish your site is by flagging it as potentially compromised.
Here are a few tips that should help small businesses stay ahead of SEO spam threats:
1. Register with Google's webmaster tools. It's easy, and it's free. Google is one of the largest search engines and its software is constantly crawling the web. If you register with their tools, it will alert you when it finds an issue -- a full 48 hours before it flags it to the public or begins changing how your site shows up in search results. This is a great preventative step that costs nothing to enact.
2. Proactively protect your website. Websites are under attack on a daily basis. Whether you deploy something on the server, in the application or in the cloud, you must deploy some form of protective solution. My recommendation is to go with a cloud-based firewall. As the name implies, it is a wall that helps keep attackers at bay. It actively adapts to attacks and helps keep your site spam free.
3. Deploy a monitoring service. These types of services monitor your website proactively and identify red flags or warning signs, which you would never see or recognize on your own, including monitoring for SEO spam. This is complementary to Google's webmaster tools. Partnering with a security provider helps provide peace of mind to small-business owners knowing they have a team with expertise to help them in case anything should go wrong.
4. Monitor keywords. This is a great way to get cross-functional teams involved: Have your marketing teams actively monitor your traffic and keyword performance. They are often on the front lines and should be able to notice suspicious behavior, like a spike in keywords from industries you don't participate in.
Security is very nuanced and constantly evolving. The online threats and issues we were dealing with just a year ago are different today. While this form of cyber attack isn't discussed as much as phishing or malware attacks, it's absolutely something all website owners should be aware of. Consider following the simple steps above to ensure no SEO spam is living on your website. Also, remember the value of good SEO optimization to keep new relevant visitors coming to your site.