If you’re one of the lucky blogs that have a good Pagerank and Alexa ranking, your blog could be in danger. In most cases, bloggers work hard to obtain good ranking scores and cyber crooks look for those same ingredients to target attacks.
Cyber crooks are using Black Hat SEO to create backlinks to malicious web sites by leaving commentary on many popular blogs. These tactics could place blogs in bad neighborhoods which will ultimately hurt a blogs reputation.
In 2009, analysis showed that 95 percent of comments posted to blog or chat forums were spam or links to nasty payloads.
Search Engine Optimization (SEO) poisoning attacks were a favored tactic, piggybacking on hot topics such as celebrity deaths or major disasters to lure people to websites designed to infect computers.
“It is pretty scary,” said Websense security research manager Stephan Chenette. “Attackers have been moving in the same direction as Bing and Google with real-time search results.”
The rival Internet search engines have been improving results pages to feature fresh content such as Twitter posts in real time.
Hackers use armies of infected computers referred to as “botnets” to host a plethora of bogus websites and swiftly lift links high into Internet search results based on hot topics at any given moment, Chenette said.
“They use botnets nowadays to give them control over search engine rankings,” Chenette said of hackers. “They are jumping on the band wagon of any big event; at a drop of a dime they can instruct botnets to run websites and raise those links high in searches.”
Websense found that 13.7 percent of the time trick websites rigged with “malware” were included in the top 100 results for searches conducted using words from Yahoo! Buzz or Google Trend hot topics tracking services.
Check out this article: Why You Should Moderate All Comments in WordPress
Source: Statistics by Websense.
Thanks for this warning. I have a blog with a decent ranking both with google and alexa and it’s a dofollow blog. I have lots of decent commenters but there are also lots of spam comments that I get. You are right, we should all be vigilant in knowing what are decent comments and those that are not decent and one thing that could also help is by the use of akismet or other wp plugins effective for blocking spam comments.
Andrew,
Pay attention to the source code and especially the header and footer for any iframe code.
Just ban all India IPs j/k
i do agree we must be keen in accepting comments that looks suspicious and unwanted ones. This is very frightening specially you’ve got a good reputation on search engines. It is a tragic scenario to be a victim.
With the plug-ins on WP will do. I do agree with Andrew. Thanks for sharing this insights for us to know more regarding this things.
I have seen a sharp increase in the number of website hacks lately. Seems Black Hat’s are targetting the HTACCESS files to reroute traffic.
The good thing is WordPress comment system is by default nofollow and bad thing is, they are visible. We can hide those links but that will be bad for commenter so it is always good idea to moderate comment each time.
On my blogs I approve every comment. I only approve those comments where they obviously read the post. Those “Great article” type comments don’t make it online. I will often even click on the commenter’s site to see if I approve of the content. It works fine for me, but if I had huge blogs I would probably need to find another way.
Matt,
I still moderate every comment. It keeps me in control.
A friend of mine has just had the .htaccess method used on his website. His front page loaded fine so he didn’t suspect anything till his traffic stats in google analytics etc dropped to near zero.
any page other than the front page redirected to some spam/hacker site.
Andrew,
That’s common with this tactic. A page can look and load fine, but it’s the hidden code that can cause many issues for the sites rankings.