Phishing with Blackhat SEO

Recently, I’ve been wondering about whether hackers could establish clickjacks that show up in Google’s top search results for certain keywords. Blackhat SEO strategies would involve creating web content that focuses on popular stories in the media. For instance, the sites might use content that is dense with keywords related to a chart breaking musical group, or they might focus on Lindsey Lohan.

The subject matter isn’t really all that important as long as it’s popular, so let’s just assume that the fictional group Tailspin has released the number one single in America. A blackhat SEO specialists develops content that focuses on Tailspin-specific keywords. This helps the post reach a higher spot in Google search results.

Just including keywords isn’t going to cut it. The blackhat SEO specialist would also have to include incoming and outgoing links that make the page seem important enough to Google’s ranking parameters. If someone had control of enough pages, then this would be very possible. It would, however, take a lot of work.

Assuming that the clickjacked page attracted a fair number of visitors, it would start to move up the ranks toward the first page search results. Eventually it could become the most popular post about Tailspin.

This scenario is possible. But is it likely? Do we really have anything to worry about?

I’m leaning towards “no.” Here’s why…

This is a phishing strategy that relies on thousands of people falling for the setup. The page would, therefore, already need a good rank just to work at all. Since top search results in Google are usually dominated by popular blogs and online magazines, it’s unlikely that the clickjacked site would ever gain prominence.

I think that concerns over clickjacked Google results also deny the reality of SEO services. Professional agencies spend months developing sites that will hit top rankings, and they charge a lot of money for the service. Assuming that the same level of work goes into the clickjacked link, the Blackhat SEO specialists could actually make more money finding a real client. Who would spend hours and hours of work without any guarantee of even the slightest level of success.

And the final reason. I think that Google would catch on to this pretty quickly and remove the clickjacked page from its results.

Does this mean that Blackhat SEO phishing attempts cannot work? No, it just means that it’s very unlikely. I wouldn’t say that it’s impossible. But if I say it’s never going to happen to you, then I’ll probably only be wrong once in a million times.


Explore posts in the same categories: Uncategorized

Tags: , , , ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: