New spam attack on Google - Google Search and SEO forum at WebmasterWorld - WebmasterWorld

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

New spam attack on Google

supafresh

7:47 pm on Feb 24, 2010 (gmt 0)

10+ Year Member

I’m not allowed to share the key phrases on here but I’d like to share the crap I’ve been dealing with.

I’m seeing a network of hacked sites with complex landing pages that
Scrape RSS Feeds, Twitter and Search Engines. Its then mix it all together into a custom landing page that very keyword rich and have tons of content.

They have fake Googlebot detection and replace the spam page with the words “hi” so if you try to visit the site by changing your user agent it can see past that and gives you another fake page.
They must be cloaking because it does not match what is in the Google cache.

When you click on a link in the SERP of one of these pages you are redirected and it prompts you to install malware /spyware.

These pages are ranking REALLY well. Over 5 pages of results including 1st page from 5th keyword down are affected so far.

It’s unreal and not the first time this has happened. A few months ago I also noticed this and reported it to Google web spam team. It took them 2 weeks to clear it out.

tedster

9:00 pm on Feb 24, 2010 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Is this another go from the bunch that offers fake anti-virus software?

supafresh

9:05 pm on Feb 24, 2010 (gmt 0)

10+ Year Member

Yes its fake anti virus software.

blend27

9:09 pm on Feb 24, 2010 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

on should be via

supafresh

9:24 pm on Feb 24, 2010 (gmt 0)

10+ Year Member

Finished Filling out my spam report. This one is a bit more advanced then last time. I see 7 variations of keyphrases vs the single key phrase used in the inital spam attack.

bwnbwn

9:24 pm on Feb 24, 2010 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

supafresh I bet this is the same thing I see in my Google Alerts and why i have quit checking any alerts.
I was fooled several times with the alerts due to the url's the alert was coming from. It was the anti virus malware scam that I was hit with.

This is very hard to report due to the sites/url's are good ones and they just keep changing them as they are detected.

Like the hackers are only using x number then move on to another group when these are detected.

BillyS

9:35 pm on Feb 24, 2010 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

I don't want to hijack this topic, but I think this may be related...

I was on a computer hardware site. When I clicked on an article, the page came up then I got redirected to the same type of site - fake anti-virus software.

I'm extremely cautious (firewalls, antivirus) and I was shocked because I don't remember clicking anything but an article page. I did some checking and my machine was clean. Then I thought that hardware site was hacked.

Everyting was fine with the machine, then I went back to that site again and same thing. That was about a week ago and nothing since. Strange.

That fake anti-virus stuff is the worst, the first time I saw it I thought it was from my machine - it looked like a Microsoft message.

[edited by: lawman at 11:42 pm (utc) on Feb 24, 2010]

supafresh

9:55 pm on Feb 24, 2010 (gmt 0)

10+ Year Member

supafresh I bet this is the same thing I see in my Google Alerts and why i have quit checking any alerts.
I was fooled several times with the alerts due to the url's the alert was coming from. It was the anti virus malware scam that I was hit with.

This is very hard to report due to the sites/url's are good ones and they just keep changing them as they are detected.

Like the hackers are only using x number then move on to another group when these are detected.

Yes, the urls are from legitimate domains. The problem is these pages are not in the normal sitemap of the site or navigation so these orphaned pages are ranking via the network the hacker/spamm has created.

Alot of the sites can be identified easily because the domain has nothing to do with what i searched for.