Wed 13 Apr, 2011
Tags: internet, internet security, web security
SEO–”search engine optimization”–is a set of tools and practices used by both legitimate webmasters trying to jockey for position in the rankings of search engines and by spammers attempting to push up, temporarily or otherwise, fly-by-night domains selling dubious products. In some less-served areas, SEO-promoted domains may outnumber legitimate domains by many to one; combine this with redirections, link farms, and the like, and it becomes much more difficult to determine a legitimate source for any products, services, or information that you might happen to need.
Traditionally, the way in which this has been dealt with by blog and forum owners is to filter or delete spam posts. This particular blog is frequented by any number of spammers who attempt to skew ratings with contentless comments linked to suspicious domains hawking–apparently, as I’m not stupid enough to follow those links–anything from viagra to discount financial instruments to “discount” rolexes.
Another approach has become apparent, though, especially with the advent of certain attempts by search engines of note to restrict the efforts of these “blackhat SEO tactics”–an approach that can be labeled SEP, for Search Engine Pessimization.
‘Traditional’ optimization techniques seek to raise the ranking of a page through exploiting the algorithms used to generate the pagerank–generally assumed to involve links from external pages, keywords in links pointing to the page, and several other factors; Google is, naturally, reticent about the exact specifications of their algorithms, especially given the amount of money people gain from trying to guess at them.
Blackhat SEO–those tactics which have been developed to exploit these rankings–take advantage of these techniques by exaggerating them, trying to imitate legitimate traffic through spamming fora with spurious links, farming keyworded domains and cross-linking them in giant link farms, etc. Many of these techniques have been detected, and some have been well publicized by Google and other search engine companies as no longer effective because they are automatically detected and deprecated by the engine.
The attack venue here should be obvious: to pessimize an undesirable domain, promote it through the use of known-bad ‘optimization’ techniques.
These techniques can be determined by looking through complaints filed about ‘arbitrary’ reductions in pagerank and the like; by determining the cause of the reduction, a list of methods and tactics can be quickly developed that will serve to indicate to the automated algorithms that a site is attempting to ‘game the system’ and gain unjust ranking, triggering the part of the algorithm that punishes those sites.
An interesting supplementary tactic is that of googlebombing. Googlebombing is the practice of using certain SEO techniques to associate a given keyword–usually one with amusing connotations–with a particular page; one of the more publicized ones involved former president Bush and the word ‘failure’. Associating unsavory words or those involving illegal activities with a domain could, in this day and age, result in the domain’s siezure by the authorities–a win-win situation, as every domain siezed for the wrong reasons weakens the case of this rather nonsensical practise, and it also neuters the spammers by disabling a venue by which they could potentially make money.
Maximum benefit, though, would likely result from linking in some way the domain to be pessimized with known-bad domains–those serving malware, those known to be scams, etc.–thus alerting the search engines’ spiders of a potentially harmful connection as soon as possible. Using extensions to report spam is also effective.
There is always a race between those innovating ways to make search and the like more relevant to the user and those seeking to exploit it for their own reasons; manipulating search engines to punish spammers is one way in which anyone who dislikes spam can fight back.