Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

Blackhat SEO Numbers For December 2010 (Part I)

January 05, 2011 - 2 min read

Blackhat spam SEO was very prevalent in 2010 and it is not likely to disappear in 2011. I've compiled a few statistics on Blackhat spam SEO pages found in Google search results during December 2010:


  • Number of spam pages:  4,814
  • Number of spam domains: 428
  • Number of malicious sites: 483

I usually limit my Google scans to the first 10 pages of results, so there are likely many more spam pages in Google's full index.

Malicious sites

Fake AV pages are still the most popular type of attack, accounting for 85% of all malicious sites. Next in line are fake software stores, with 6% of the sites. I'll give more details about this type of attack in a future blog post.

5% of the malicious sites were unreachable, and could not be classified.




Types of malicious sites: mostly fake AV




44% of the malicious sites use a .IN domain name. 25% use a .COM extension, and 16% use an IP address without a domain name. .CC domains represent only 4% of all malicious domains. .CO.CC used to be the most popular TLD for fake AV pages, but it is now .IN



Malicious sites by domain extension


Spam pages

I found 428 legitimate sites hosting 4,814 spam pages in Google search results. That's an average of 11 spam links per domain within the top ranks for popular searches.

The spam sites are found all over the world: 31 different TLDs were found amongst spam sites. The international .COM extension was found in 58% of the sites, .ORG in 8% and .NET in 6%. The .EDU TLD represents 10% of the total. HJacked college websites were mostly to lead to fake software stores.









Spam sites by domain extension




Most dangerous searches

356 Google searches contained at least one malicious spam link in December 2010.

The most dangerous searches relate to buying software online, and lead to a fake store. The most dangerous popular search (shown in Google Hot Trends) was for "sherwood blount" with 63 spam links amongst the first 100 search results!






Top-10 most dangerous Google searches in December 2010

I am still compiling the numbers and will do another post on the topic shortly. It looks like malicious Blackhat spam SEO will still be a major threat, if not the most significant threat to users in 2011.

-- Julien



Explore more Zscaler blogs

A cyber criminal shopping for malware
Agniane Stealer: Dark Web’s Crypto Threat
Read Post
Business people walking through a city
The Impact of the SEC’s New Cybersecurity Policies
Read Post
Digital cloud illuminated in blue
Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)
Read Post
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.