Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

The head of Google’s Web-spam-fighting team, Matt Cutts, warned last week that spammers are increasingly hacking poorly secured websites in order to “game” search-engine results. At a conference on information retrieval, held in Boston, Cutts also discussed how Google deals with the growing problem of search spam.

Search spammers try to gain unfair prominence for their Web pages in search results, thereby making money from the products that these sites offer or from advertising posted on them. The practice, also known as “spamdexing,” exploits the way search engines’ algorithms figure out how to rank different pages for a particular search query. Google’s page-rank algorithm, for instance, in part gives prominence to pages that are heavily linked to other material on the Web. Spammers can exploit this by adding links to their site on message boards and forums and by creating fake Web pages filled with these links. Garth Bruen, creator of the Knujon software that keeps track of reported search spam, says that some campaigns involve creating up to 10,000 unique domain names.

“We’re getting better at spotting spammy pages,” said Cutts after his talk, adding that spammers are increasingly hacking legitimate websites and filling their pages with spam links or redirecting users to other sites.

“As operating systems become more secure and users become savvier in protecting their home machines, I would expect the hacking to shift to poorly secured Web servers,” said Cutts. He expects “that trend to continue until webmasters and website owners take precautions to secure Web-server software as well.”

“I’ve talked to some spammers who have large databases of websites with security holes,” Cutts said. “You definitely see more Web pages getting linked from hacked sites these days. The trend has been going on for at least a year or so, and I do believe we’ll see more of this.”

Bruen agrees. “We’ve seen an increase in spam e-mail and spam domains that not only sell illicit products, but that attempt to download malware and infect the visitor’s PC,” he says. Such malware could use an unknowing victim’s computer to send out e-mail spam.

“It really is an arms race,” says Daniel Tunkelang, one of the conference organizers and the chief scientist at search company Endeca.

6 comments. Share your thoughts »

Credit: Technology Review

Tagged: Web, Google, security, hackers, spam, cross-site scripting

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me