Blackhat spam SEO was very prevalent in 2010 and it is not likely to disappear in 2011. I’ve compiled a few statistics on Blackhat spam SEO pages found in Google search results during December 2010:
- Number of spam pages: 4,814
- Number of spam domains: 428
- Number of malicious sites: 483
I usually limit my Google scans to the first 10 pages of results, so there are likely many more spam pages in Google’s full index.
Malicious sites
Fake AV pages are still the most popular type of attack, accounting for 85% of all malicious sites. Next in line are fake software stores, with 6% of the sites. I’ll give more details about this type of attack in a future blog post.
5% of the malicious sites were unreachable, and could not be classified.
 |
| Types of malicious sites: mostly fake AV |
44% of the malicious sites use a .IN domain name. 25% use a .COM extension, and 16% use an IP address without a domain name. .CC domains represent only 4% of all malicious domains. .CO.CC used to be the most popular TLD for fake AV pages, but it is now .IN
 |
| Malicious sites by domain extension |
Spam pages
I found 428 legitimate sites hosting 4,814 spam pages in Google search results. That’s an average of 11 spam links per domain within the top ranks for popular searches.
The spam sites are found all over the world: 31 different TLDs were found amongst spam sites. The international .COM extension was found in 58% of the sites, .ORG in 8% and .NET in 6%. The .EDU TLD represents 10% of the total. HJacked college websites were mostly to lead to fake software stores.
 |
| Spam sites by domain extension |
Most dangerous searches
356 Google searches contained at least one malicious spam link in December 2010.
The most dangerous searches relate to buying software online, and lead to a fake store. The most dangerous popular search (shown in Google Hot Trends) was for “sherwood blount” with 63 spam links amongst the first 100 search results!
 |
| Top-10 most dangerous Google searches in December 2010 |
I am still compiling the numbers and will do another post on the topic shortly. It looks like malicious Blackhat spam SEO will still be a major threat, if not the most significant threat to users in 2011.
– Julien
Related Posts
- Blackhat SEO numbers for December 2010 (Part II)
This is a follow up to the numbers I presented in Part I, which discussed malicious spam pages in Google results and the malicious that sites they redirect to.
Google warnings
The number of spam pag... - Analysis: Spam report: December 2010
The amount of spam in email traffic increased by 0.3 percentage points compared to November and averaged 77.1%.
Full story: Securelist / All Updates... - F-secure internet security 2010 part 1
CSA DISCLAIMER: This video taken from YouTube. As well as any other video found on this site is not hosted here, it just embedded, and it taken randomly by our system from video hosting services lik... - This Month in the Threat Webscape – December 2010
This Month In The Threat Webscape - Monthly roundup for December 2010...(read more)
Full story: Security Labs... - Phishing, Spam and Malware Statistics for December 2010
Most abused TLDs
The trend we observed in the last months when the non “classical” TLD increased massively continued in December as well. Contrary to November, where the .com has seen a slight incre... - NoVa Hackers: December 2010
Blended Threats by EvilFingers NoVa Hackers December 2010 (by Georgia Weidman) In the previous month’s NoVA Dec 2010, I presented a paper on Blended Threats (Intelligence: Data Acquisition). En... - Analysis: Monthly Malware Statistics, December 2010
The tactics used by the cybercriminals remained the same. Surfing the web is still a dangerous pastime, while social engineering is routinely used to entice users into opening malicious links or down... - Microsoft Patch Tuesday – December 2010
Hello and welcome to this month’s blog on the Microsoft patch release. This is another large release —the vendor is releasing 17 bulletins covering a total of 40 vulnerabilities.
Eight of... - Spam and Phishing Landscape: December 2010
The volume of spam continues to drop. We have been monitoring the decline in overall spam volume over the last few months, and the downtrend continued in November. The average daily volum... - December 2010 Patch Tuesday will come with most bulletins ever
According to the Microsoft Security Response Center, Microsoft will issue 17 Security Bulletins addressing 40 vulnerabilities on Tuesday, December 14. It will also host a webca...
Posted on 09 February 2011. Tags: 2010, Blackhat, December, numbers, Part
