Security Insights

SEO Spam Attacks Are Getting Harder To Spot

SEO Spam Attacks Are Getting Harder To Spot

Spam SEO pages used to be very easy to spot: no Javascript, no style sheets, no images, etc. and  usually just a single link. They only text on the page relevant to the spam was generally a set of short paragraphs, as shown below:

Typical old-style SEO spam page

Recently however, these pages have been changed to look more like a regular web page. They look like a web page taken out of a news site, with multiple columns, images, links to legitimate sites, Javascript, etc. You have to look closer to realize that the text does not make sense - words are cut in the middle, images are not related to the content, and the style is not quite right (misalignment, overflows, etc.)
New style of SEO spam pages on the hacked site

These pages are much harder to recognize as computer-generated spam. At first glance, they look like legitimate pages. Fortunately, spammers still use the same type of URLs. The screenshot above was taken from hxxp://, where the search term "Williams syndrome" is part of the query string.

Another common layout for spam pages mimics MTV's website:

Spam page looks like MTV's site


Spammers and attackers are constantly innovating to stay under the radar.  This is another step to hide their malicious intent from the search engines.

-- Julien


Get the latest Zscaler blog updates in your inbox

Subscription confirmed. More of the latest from Zscaler, coming your way soon!

By submitting the form, you are agreeing to our privacy policy.