Search Engine Poisoning (SEO Poisoning)
The manipulation of search engine rankings to place fraudulent or malware-hosting sites prominently in search results for terms victims are likely to search.
Also known as: SEO poisoning, malicious SEO, search poisoning
Last reviewed: 10 June 2026
SEO poisoning involves using black-hat search engine optimisation techniques — keyword stuffing, link farms, compromised high-authority websites, or paid placements — to rank malicious sites highly for targeted search queries. When victims search for something like 'bank customer service number' or 'download free antivirus', the top results may point to fraudulent pages or malware installers.
This technique is particularly effective because users inherently trust search engines to surface legitimate results, and the padlock icon only confirms a TLS connection — not that the site is legitimate. Paid ads impersonating brands (typosquatting via Google Ads) also fall into this category.
Navigate directly to official websites using bookmarks rather than searching for them. Be especially sceptical of top results for searches involving customer service contact numbers, as these are a primary target for SEO poisoning.
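The same habit, comparing each result against sites already known to be official, can be written as a check. This is an added example, not part of the original entry; the domains, the `OFFICIAL` list, the function names and the similarity thresholds are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the reader's own bookmarked official domains (constructed, reserved names).
OFFICIAL = {"examplebank.test", "freeav.test"}

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url, official=OFFICIAL):
    """Return 'official', 'lookalike' or 'unknown' for a search-result URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # The scheme is ignored on purpose: https proves encryption, not identity.
    if any(host == d or host.endswith("." + d) for d in official):
        return "official"
    labels = host.split(".")
    for d in official:
        brand = d.split(".")[0]
        # Brand name embedded in someone else's domain or used as a subdomain.
        if any(brand in label for label in labels):
            return "lookalike"
        # Near-miss spelling of the brand (typosquat); shorter brands get a tighter limit.
        limit = 1 if len(brand) < 8 else 2
        if any(len(l) >= 4 and edit_distance(l, brand) <= limit for l in labels):
            return "lookalike"
    return "unknown"

# Constructed sample of search results, as they might appear for a support query.
RESULTS = [
    "https://www.examplebank.test/contact",
    "https://examplebank-support.test/phone",
    "https://exarnplebank.test/login",
    "https://examplebank.test.helpdesk.example/contact",
    "https://freav.test/download",
    "http://news.example/article",
]

if __name__ == "__main__":
    for url in RESULTS:
        print(f"{classify(url):<10} {url}")
```

Four of the five HTTPS results are flagged as lookalikes, which is the point about the padlock: the check looks only at the hostname.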
Examples
- A fake bank customer-service number ranks at the top of search results; callers are asked for account details to 'verify identity'.
- A malware-distributing site appears as the top result for 'download [popular free software]', serving trojans to victims expecting legitimate installers.