homepage Welcome to WebmasterWorld Guest from 54.161.192.130
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google SEO News and Discussion
Forum Library, Charter, Moderators: Robert Charlton & aakk9999 & brotherhood of lan & goodroi

Google SEO News and Discussion Forum

    
Forcing "I'm Feeling Lucky" by URL extension.
grelmar

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3545342 posted 10:25 pm on Jan 10, 2008 (gmt 0)

I just read this security notice from F-Secure [f-secure.com] and something in it caught my eye.

Apparently, if your URL ends in btnI=745, and the link comes up as #1 in the results, it forces the "I'm Feeling Lucky" function to trigger and automatically re-directs the search to the linked page.

I had no idea this was possible, and I'm quite sure that it's a very bad idea to try it.

Am I out to lunch here, IE: the last person to find out about this?

[edited by: tedster at 10:40 pm (utc) on Jan. 10, 2008]
[edit reason] switch to a permalink [/edit]

 

tedster

WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3545342 posted 10:47 pm on Jan 10, 2008 (gmt 0)

There are a few other such tricks out there in the wild as well. The extra parameter in the query string turns a link to a google url into a link to the spammer website.

We touched on this last Fall a bit, along with exploits that used the Google Redirector:
[webmasterworld.com...]

grelmar

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3545342 posted 4:59 am on Jan 11, 2008 (gmt 0)

Thanks Tedster.

I read through that other (very brief) thread, and I'm still unclear as to why G might think that allowing this is a good idea. It seems all too easy to game.

In the case that F-Secure listed, the search query term was so specific as to make it easy to take the #1 spot in order to achieve the desired effect of making the link a re-direct through google.

This makes an easy game for scammers, spammers, and phishers, who can use the method as a way of by-passing e-mail based blacklists.

Why doesn't G just shut it down?

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google SEO News and Discussion
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved