In the world of search engine optimization, the words ‘black hat’, ‘cloaking’ and ‘IP redirects’ are familiar expressions. So are terms like ‘keyword stuffing’, ‘invisible text’ and ‘doorway pages’.
Google fights hacking attempts, unethical and spamming practices every minute of every day. They have hired the best of the best to combat the rogue internet butt-heads out there.
Traditional cloaking within SEO is often related to spamming search results so that when a user clicks a link, it ‘redirects’ to another website (there are several others). If you searched for ‘baby strollers’ and a click from Google results takes you to a Viagra site – well, that’s an example of the worst kind. You are now hurting human beings as well… Google truly hates anything to do with it (that’s the technical term), but of course – you cannot hurt a software engine. (That’s part of the allure of hackers – try to beat the “Google giant” – and make (tons) money in the process – until they get shut down). Bottom line: if search results are not good/relevant to the query, Google doesn’t make money.
Now, enter a new bug to the Internet world: Cloaked links for Social Media. To a tech person, it’s perhaps not new (a link is a link is a link), but to the average social media user, it can be a scary situation: Your PC can be totally infected from a (seemingly) trusted link within Facebook, for example. It’s too late – you may find that your entire PC has been compromised, infected.
What can you do?
Before we continue, let’s look at the landscape of social networks. Twitter and Facebook are hugely popular. Twitter is over 200 million strong, is free to use, and anybody from top official government, celebrities, pizza stores and food trucks use it. (Christina Aguilera just joined). Facebook’s user count is growing fast, and sits at over 600 million users now.
“40% of social-network users encountered malicious attacks, a 90% increase from April 2009” – antivirus firm Sophos
A more recent experiment from network security firm Dasient showed how easy it is to create a social media/network account, and use it to distribute malicious links across the service.
Most of the users tend to click on these links, they are not familiar with these, and they feel safe in “their” social network. The links can scam you into buying stuff that gets downloaded to your PC, and even steal from financial accounts. Facebook is the number one target, but their filtering systems are very effective, says Facebook spokesperson Frederic Wolens.
However, Dasient set up an experiment with new accounts at 11 social networks, and discovered that none of them prevented injection of these types of malicious links. Google has a list of poisoned websites, but these links did not get blocked from 9 of the social networks tested.
Watch the video of the Facebook cloaked links, spreading fast (from Sophos). The rule is: don’t click on links that you are not expecting, and DO NOT install any applications you are not familiar with.