Attacking Curiosity

Even as most savvy business owners begin to grasp the significance that search engine optimization, or SEO, can play on their sites' popularity and click-through rates, so, too, are the denizens of the seamy underside of the cyberworld. High-tech security researchers warn that the bad guys are taking advantage of SEO to boost the page rankings of infected sites and spread malware for their financial gain.

Criminal hackers realize that most users trust Google search results implicitly, so they're gaming that system with a new attack technique called SEO poisoning. The idea is simple: Use SEO fundamentals to get a malicious site high up within a popular search term's results, trick searchers into clicking to the site and then hit them with something like a scam offer for fake antivirus software or a drive-by download.

The attack scheme has surged in popularity among hackers in the past year. Search topics ranging from the BP oil leak to World Cup mania have all returned top results littered with infected sites.

Business owners and their employees need to be vigilant about the potential for such attacks: Make sure to have antivirus software and keep the operating system and applications updated. Security companies also offer free browser plug-ins that automatically sense whether a site is malicious and warn you directly within your search results.