14 DAY TRIAL // Security researchers have recorded less black hat search engine optimization (BHSEO) activity this year because of the efforts made by search engines to block such attacks.
BHSEO, otherwise known as search result poisoning, is a term that refers to the techniques used to push malicious pages at the top of search results for targeted keywords.
In 2010 BHSEO played a major role for the distribution of fake antivirus programs (scareware) and usually targeted trending topics.
According to Julies Sobrier, a researcher with security vendor Zscaler, this was no longer the case this year, the abuse of popular keywords being significantly lower.
"Popular searches contained up to 90% malicious links in the first ten pages. Currently, the number is between only one and three total malicious results in the first ten pages," he writes.
There are several reasons for this improvement and one of them is Google's efforts to block the artificial promotion of pages that was being done by leveraging the page rank of compromised websites.
The response time to abuse reports of hosting companies and webmasters has also decreased thanks the increased awareness about the issue.
"Google has also helped to make webmasters aware of issues in their websites with warnings in Google Webmaster Tools, new warnings to users in search results and even direct e-mails to the owners of hijacked sites," Sobrier notes.
This doesn't mean, however, that BHSEO is dead. The Zscaler security researcher points out that it has simply moved to other types of search, such as Google Images or Google News. Furthermore, the targeted keywords have extended in scope, from the most popular ones to other more generic ones.
Web search results related to software purchases continue to remain 90% malicious, leading users to rogue online stores. "This is a problem that pretty much all search engines are facing," Sobrier concludes.