Online scam artists are using black hat search engine optimization (SEO) techniques to push more than just malicious software. In fact, SEO is increasingly being used to drive traffic to a range of phony Web based search engines that are feeding cost-per-click advertising scams, according to a blog post from Web security firm zScaler.
Writing on the zScaler blog on Tuesday, Julien Sobrier, a Senior Security Researcher at zScaler, said that the firm has noted scam artists are using SEO-optimized pages, hosted on compromised Web sites to drive traffic to a range of bogus search engines with names like xaras.net, p3po.com, xsearcher.net, and smartbuzz.biz. The sites are designed to look like Web search engines, but serve up only paid advertising links, regardless of the search term entered. Clicking a link sends the user on a whirlwind Web redirection tour of intermediate sites before he or she finally arrives at the advertised Web site – the better to fool ad networks suspicious of attempts to game their pay per click model, Sobrier wrote.
Most of the fake search engines are flagged as suspicious domains by Google’s Safe Browsing filter and appear to have low traffic volumes and only a handful of sites linking to them.
And fake search engines aren’t the only sites using SEO – zScaler reports that SEO optimized pages on compromised sites are also being used to point users to illegal download sites that make money by collecting ‘subscriptions’ for access to illegal movies and music, though they typically have little real content to offer.
Vulnerable WordPress blog installations are a common element in the attacks, though zScaler said that the ready availability of botnets for rent might also be used to drive Web surfers to shady Websites.