ASEOHosting, an SEO focused web hosting provider based in Orlando, Florida, and Detroit, Michigan, has released an advisory to web hosting clients in order to increase awareness of SEO poisoning and how site owners can avoid being a victim.
An SEO poisoning attack involves the exploitation of vulnerabilities in content management systems to inject malicious code that alters the content of web pages. The most frequent form of SEO poisoning attack will insert dozens of links to sites the attacker aims to improve the search ranking of, according to web hosting provider ASEOHosting.
More sophisticated attacks would create doorway pages filled with the attacker’s content that immediately redirect users to advertising, affiliate marketing, or malware sites. In both case, the added content will not be visible to normal visitors or the site owners, only to search engine bots.
“SEO poisoning is an old black hat SEO technique that has seen something of a resurgence in recent months,” said ASEOHosting’s Vice President of Customer Relations, Daniel Page. “We’re aware that thousands of sites that have been victim to SEO poisoning attacks, and we feel that it’s important the web community is educated about the technique and its implications.”
The results of an SEO poisoning attack can be serious. Firstly, it’s an indication that a site has an exploitable vulnerability that can be used by a malicious third-party to gain administrative access. Secondly, SEO poisoning attacks are harmful to the site’s own search ranking and can damage its reputation with users.
Risk mitigation for SEO poisoning attacks requires the implementation of WordPress and CMS web hosting security best practices, which include password management policies to ensure secure login credentials are used and the patching of content management systems through their upgrade process.