SEO:Search

Various news sites are reporting that a malware attack was deployed in the last couple of days, apparently based entirely upon black hat SEO tactics. Software security company Sunbelt blogged about how the attack was generated: a network of spambots apparently added links into blog comments and forums pointing…

Google Improvements Fail To Halt Massive Malware Attack

…to the bad sites over a period of months in some cases, enabling those sites to achieve fair rankings in search engine result pages for a great many potential keyword search combinations. The pages either contained iframes which attempted to load malware onto visitors machines or perhaps they began redirecting to the sites containing malware at some point after achieving rankings. Sunbelt provided interesting screenshots of the SERPs in Google:

(click to enlarge)

And also showed some screenshots of some of the keyword-stuffed pages which apparently got indexed:

(click to enlarge)

I think its not at all a coincidence that the attack was timed to occur right on the first weekend of the holiday shopping season and Cyber Monday when more people are likely conducting keyword searches than any other time of year. Deploying the malware now was likely intended to infect as many computers as possible before the malware was detected and the sites deleted from listings.

The methods these unethical developers used are pretty classic black-hat tactics. For many years now, blackhat optimizers have used automated agents to insert keyworded textlinks into blog and forum comment areas and online guestbooks, pointing back to their sites in an effort to built PageRank. In addition, really old and crusty black hat techniques include keyword stuffing ” adding tons of keywords on a page in an effort to make the page relevant for words and phrases. Also, the bait-and-switch technique of allowing one page to get indexed by search engines while redirecting human users to a different URL is pretty well known.

In recent months, Google has apparently been working particularly industriously to penalize more sites that may be buying/selling links or which may be involved in various linking schemes. So much so, that theres been considerable talk about how some of the affected sites mayve been unfairly red-flagged by bad assumptions made by their algorithmic policing software. So, its disappointing that a network of egregious malware sites were able to effectively employ legacy black-hat tactics which ought tove been detectable earlier.

It feels a bit like having the police devote all their time to writing minor speeding tickets while violent murders are happening!

Now, to be fair, any site which appears on the level could suddenly start redirecting to a bad location, and thered naturally be a period of time before the search engine bots re-spider the page and realize that theres malware on it. During that window of time between when it was first spidered while appearing alright and the time later when it starts launching evil, it could naturally continue to appear in the SERPs where innocent people could click on it and get infected. Also, the term combinations that Sunbelt cited were moderately arcane in some cases, so average users might notve been impacted by any significant numbers. It could also be that Sunbelt might well be hyping-up the issue in order to get attention for themselves, so you have to consider their assessment as possibly non-objective.

Even so, just the fact that this rather pedestrian combination of black-hat tactics could be used to effectively poison search results with malware listings is significant and disturbing.

Why wasnt the comment spam detected early on? One assumes that the slow accretion of links over months may notve set off alarms, or perhaps the comment text added was made to be cleverly relevant.

And, the spam-laden content of the pages looks blatantly unnatural to me ” that shouldve also been detectable.

And how about perhaps being suspicious of gobbledy-gook domain names? And, domains ending in .CN? I know gobbledy-gook in of itself might be hard to detect (particularly considering all the gobbledy-gook that still slips past spam filters on email) and unclear in of itself if it represents a bad content site, but youd perhaps expect that one could tell whether the character strings contained patterns which match names/words by some percentage of fuzziness, and red-flag those that dont match more normal naming patterns ” associate lower trust scores or quality scores with them.

Even sadder, some of the domain names involved were so new they shouldve easily been detectable and flagged as suspicious just on that basis alone. For instance, I just looked up registration info for one of the sites IDed by SunBelt, luewusxrijke.cn, and found that itd only been registered on November 24th! Why didnt registrar status provide enough distrust to sandbox these sites?

Comments

Tag: Google, Malware

Add to Del.icio.us | Digg | Reddit | Furl   

As far as I can tell, the Wall Street Journal is peddling pretty much the same old rumours about the imminent arrival of Googles storage tool or GDrive, as Duncan notes over at TechCrunch. The service could let users access documents from different computers, and could be released as early as a few months from now, according to sources. In other words, not much more than MG Siegler of ParisLemon had back in September.

More rumours about Googles GDrive

That Google is coming out with something that offers storage is pretty much a fait accompli at this point (thats French for where the hell is it already). The company already sells storage for GMail and Google Docs users who want more, and as I mentioned in a recent post here, Google has been letting Zoho get out in front on the offline document-editing front, using Googles own Gears tool. Its just a matter of time.

The first sightings of the GDrive in the wild came over a year ago from Corsin Carmichael, who spotted code referring to an internal storage system code-named Platypus (although according to the WSJ, inside Google they refer to it by the creative name My Stuff). And as this Microsoft blog notes, the software giant has had something similar ” Windows Live SkyDrive ” on the market since the summer, although it offers a measly one gigabyte of storage, which is pretty lame.

Of course there are other services such as Amazons S3, Box.net and Mozy, all of which I have experimented with and liked. The actual technology isnt that complicated ” unless of course you want to do live, multiple-user backups of open databases such as Outlook mail files, which the CEO of Mozy once described to me in an interview as a non-trivial task (thats computer engineer talk for really hard).

So will Google just play catch-up, or is it planning to offer something extra? Will it be a game-changer for Microsoft, as Henry Blodget thinks it will? Geeks everywhere are waiting with bated breath.

Comments

Tag: Google, Rumor, GDrive

Add to Del.icio.us | Digg | Reddit | Furl

Have a bookmark! -

Too often, companies “approve” SEO only to treat it as a one-time hit, or a short-term project. Months or years later, when they asked someone else to “do” SEO for them, it is discovered that the company had laid none of the basic foundation for SEO, and it is clear that even the implementation was done incorrectly. Unfortunately, no follow-up or long-term measurement plan is in place that would catch this. In today’s SearchDay, “SEO Expectations and Commitments,” Steve Haar offers some guidelines for those who approve SEO to know what to expect, and what’s expected of them. 

Google wants to be sure Google Maps are accurate and detailed. Upkeep on Google Maps would otherwise be a nightmare, so Googles letting you help. If you see a location that is off (like your own house or a store) you can fix it. After all, you know where you live better than anyone else.

Google Maps - Editing Power to the People

As of today you can log into Google Maps and move the markers so they are in the right place. Unless the business owner or resident has already verified the location. Before you get the bright idea to move your competitors storefront to a dead end, know that anyone can report abuse and changes are logged.

Before long Google will let you edit more than just the location. Youll be able to modify business information or add other details (which Google hasnt detailed). Google has more features coming, such as:

• Sketchup/3D Warehouse, which enables users to contribute texturized
  3D models directly to Google Earth
• My Maps, which provides users with easy-to-use mapping tools for sharing local information with other Google users
• Improve process of submitting reviews in Google Maps

For more information please see our Lat Long blog post (and video!) at: http://google-latlong.blogspot.com/2007/11/think-globally-mark-locally .html

True story: I just left my first Google Maps review last night. Yesterday I went to a hair salon in Salt Lake City and at first didnt have such a great experience (my hair turned out a bit brassy). The owner called me and I went back and they fixed everything and now I have the best hair ever Im a happy customer. I noticed it was tough to find Salon O in Google but they were in Google Maps. Make an internet marketer happy and she will tip you with extra search engine listings!

If you have a local business, make sure its on Google Local Business Center. Its not only free, but it means that a map to your business will show up before search results on local searches. In other words, you cant even buy that position. Encourage your happy customers to leave you a glowing review - after all its almost Thanksgiving and its a quick way to acknowledge your favorite local businesses.

Comments

Tag: Google

Add to Del.icio.us | Digg | Reddit | Furl

Have a bookmark! -      

Yesterday afternoon, the prosecution asked, “Is the Social Media Press Release a Meatball Sundae?”

A short time later, the defense made its case on the PR 2.0 blog in a post entitled, “Ladies and Gentlemen of the Jury, The Social Media Release is not a Meatball Sundae.”

As a member of the jury, you should read both posts — and then look forward to both the prosecution and the defense calling expert witnesses to take the stand. Each of these witnesses will be asked to tell the truth, the whole truth, and nothing but the truth.

The prosecution will not rest until all the facts in this culinary disaster have been examined. 

At The Kelsey Group’s Interactive Local Media 2007/Search Engine Strategies Local show today in Los Angeles, the Yellow Pages Association launched a mobile section to its Local Search Guide. The Local Search Guide provides information on Internet Yellow Pages, search engines, search tools, vertical directories, and now profiles local mobile tools including voice-based search and free directory assistance providers.

According to a Local Search Guide home page poll, 66 percent of visitors are using mobile phones to search for local information. Of these voters, 37 percent say they use free directory assistance, 17 percent most often use SMS/text messaging and 12 percent say they use downloadable mobile search applications to find local information. An additional 34 percent report not using mobile search because the experience is frustrating. 

Google Maps has gained some more features from Google Earth this week, including the ability for a group to collaborate on map updates, and the addition of a terrain maps feature, according to the Google Lat Long Blog.

The collaborative map-making option lets multiple people edit the same My Map by clicking on the ‘Collaborate’ link and enter the email addresses of the people you want to invite. Users need to be signed into a Google Account that’s associated with that email address. Users can also allow anyone to edit a map.

Terrain maps focus on physical features such as mountains, valleys, and vegetation, with labels for even very small mountains and trails. They are enhanced with subtle shading that can often give a better sense of elevation changes than a satellite image alone, according to Google

As Duncan Riley notes on TechCrunch, these two features were among the remaining differences between Google Maps and Google Earth. Google has been moving more and more features into Google Maps since it acquired Keyhole Software in 2004 for its satellite imagery technology.  

The search marketing world continues to expand in all sorts of ways. In an SEO strategy, widgets can be extremely effective gaining exposure for the content and tools featured on a site. In today’s By the Numbers column, “SEO for Widgets: CLIQ Case Study,” Eric Enge shares an exclusive preview of a new SEO case study of a beta widget called CLIQ, developed by Offermatica, Otto Digital, and StepChange. 

Searches are up all over the world, and it’s an interesting juxtaposition to think of the rest of the world as “emerging” compared to North America and Europe. In today’s Searching for Meaning column, “Understanding the Global Search Marketplace - Part 2,” Kevin Ryan looks at some global search data provided by comScore to see if any search provider is staking a claim to the title of global search leader. 

Is Facebook really trying to steal Google’s fire? Should we just call it Faceboogle? Maybe not. See the full post in the extended entry; it was originally published in MediaPost. Imagine if Picasso painted a search engine results page from Google. It would probably wind up looking like Facebook, which continually draws inspiration from search engines as it rolls out its services for marketers.

What Facebook Learned from Search

The most striking word that came up repeatedly when I heard someone from Facebook present was algorithm. Its the algorithm that determines how many stories appear in the News Feed, which users members share connections with, and which types of actions are involved. It knows which friends youre most closely connected to, not just based on how you interact with them, but by factoring in when you and your friends independently interact with the same content. This algorithm might know who your friends are better than you do.

Facebook creatively refers to the area to the left of the News Feed (and any other page) as the Ad Space. The major difference between the Ad Space and paid search is that theres no mistaking that the Facebook ads there are in fact ads. Whether with search ads or even contextual links, its sometimes hard for consumers to discern where the content ends and the ads begin. Few consumers should have any confusion on Facebook. For more on Facebook ads, see the previous columns on ad targeting by interest and member responses to targeting.

Paid Inclusion: Sponsored Stories

Paid inclusion has served as the hybrid blend of natural and paid search results. With search, paid inclusion links are never labeled as ads, as the engines that have offered this (Yahoo being the longest-standing advocate) have said sites only pay to get included, not to improve their ranking. With Facebook, Sponsored Stories appear in the News Feed and are clearly labeled as sponsored, but they reap many of the same benefits as organic News Feed stories. Sponsored Stories also include Social Ads, which appear when a members friend interacts with an advertisers Facebook Page or Application.

Now What?

One of the classic questions with search engine marketing is how to prioritize using natural and paid search. With Facebook, those questions are even more challenging, since its harder to determine the return on investment (if you get 10,000 people to add your Facebook Page as a friend, whats that worth?) and best practices are just starting to emerge.

The cheapest options are the self-service ads, which can be tested on shoestring budgets, especially when limiting their placement to the Ad Space (running them as Sponsored Stories requires significantly higher bids) and Facebook Pages, which are available for free but must
be promoted somehow (Facebooks preference: through advertising). Pages, if done well, also require evelopment resources, just like Applications, and Pages require even more management resources in terms of monitoring comments and updating the page. The immediate goal is to attract more clicks by going viral and appearing in members News Feeds. The process shares much in common with search engine optimization.

Facebook draws inspiration from search engines and how marketers use them, but Facebooks not trying to be Google. Google, after all, is best at sending its users to other sites. While Facebook can do that with Beacon, it is much more interested in drawing its members deeper into Facebook and emerging as the newest portal.

So who is Facebook trying to be? Can you think of any portals that became a major name in search while experimenting with their social
media strategy, one that still offers paid inclusion, and one that, like Facebook, is repeatedly rumored as a takeover target for Microsoft? Thats the company that needs to worry about getting outfoxed by Facebooks algorithm.

Comments

Tag: Google, Facebook

Add to Del.icio.us | Digg | Reddit | Furl

Have a bookmark! -