Blackhat SEO spam is a global problem

If you have wondered whether to switch your go-to search engine for another – perhaps more localized? – in order to avoid the seemingly ubiquitous poisoned search results, wonder no more: Zscaler’s senior security researcher Julien Sobrier has explored the options for you.

He searched for “Buy Windows 7 key” via a number of search engines. He chose those particular search terms because fake online stores are a particularly persistent aggravation for people searching for products online, and he took into consideration only the first twenty results delivered.

The numbers for Google (12 out of 20), Bing (10/20) and Yahoo (14/20) weren’t great, but Russian’s Yandex and China’s Baidu returned 20 out of 20 fake online stores and malicious pages leading to fake AV.

Google’s German version offered only two bad search results out of 20, but Yahoo (19/20) and Bing (17/20) will disappoint its user who prefer the localized versions.

On the other hand, Yahoo’s Italian version returns perfect results – zero fake or malicious results. Google’s returns bad ones in 13 cases out of 20, and its French version does similarly (12/20).

French portal/search engine Voila offers no bad links, but that’s probably due to the fact that it always gives priority to websites located in France, and the majority of the sites pushing out spam are located in the US, belonging to that country’s universities.

Finally, he tried DuckDuckGo, a search engine that uses information from crowd-sourced sites such as the Wikipedia, “answer engines” such as Wolfram Alpha, and other sources, to create relevant results. But, alas, no extra luck was to be found there: 12 out of 20 results were still spam.

Judging only by the screenshots he included in his blog post, I wonder why he didn’t use a translation of the search terms in the various languages corresponding with the local versions of the search engines, and – if he had – how would that affect the results.

Nevertheless, I can appreciate the insights garnered through this “exercise”.




Share this