Saturday, May 17, 2008contact us

RECENT ARTICLES

Parasitic Hosting

This is an approach to ranking web spam that has become very popular over the last few years.  The spammer gains control of user accounts on trusted sites, such as a university website, and places content on the site containing a series of redirected pages which send the user to the spammer’s site.  In a successful parasitic hosting attack, the spammer will gain access to thousands of different sites, using honeypots, trojans and other strategies so they can elevate their content in the index.

At the center of the attack is a single page that the spammer wants to rank.  Here we see all of the university websites listed on Yahoo! with pages related to “play texas holdem”:
http://search.yahoo.com/search;_ylt=A0oGkjYwM19HO7oAE4ZXNyoA? p=play+texas+holdem+site%3A.edu&y=Search&fr=&ei=UTF-8 .

Here we see the same search on Google:
http://www.google.com/search?
q=play%20texas%20holdem%20site%3A.edu&sourceid=groowe&ie=utf-8&oe=utf-8

Obviously, these Universities have no vested interest in Texas Holdem sites or promoting individual poker games.  These searches quickly demonstrate that hundreds of thousands of pages have been created by black hat spammers to use the authority and trust that university sites have earned in order to trick the engines and deliver traffic to their sites.  Repeating this search with any porn or pharmaceutical terms will demonstrate similar results.

A variation of the parasitic hosting attack is authority hijacking.  Here the spammer creates a  listing or page on a trusted site and then links specifically to that listing on the third-party site in order to rank on its own authority.  The spammer then expects the user (or at least some of them) to click on the link within the target page.  In this case the patsy is Comcast.net and the attack is targeting “play texas holdem”.  Note the number 1 search results on Yahoo!
http://search.yahoo.com/search? p=play%20texas%20holdem is for
search.comcast.net.  In this instance, the spammer is thegoodhand.com and they are hijacking site authority from Comcast to fool Yahoo!