As an e-Retailer, you typically collect customer feedback on product web pages in your online catalog and provide customers with useful information to make an informed buying decision. However, your good intentions may backfire on you if malicious spammers use “spamdexing” to pollute your website with rogue URLs/links that can impact your online business and brand reputation.
The Spamdexing Problem
“Spamdexing” is derived from “spam” and “indexing,” which refers to a practice of skewing search engine results. It involves stuffing rogue links into a website, to manipulate or elevate the placement of that link on a search engine’s results page. Such links can be propagated by comment spams, unbeknownst to the owner of a website.
Going back to the e-Retailing example, malicious comment spammers and spambots could introduce rogue links in the customer feedback section for a product (e.g. 65” HDTV) on vendor A’s website, and make it points to vendor B’s competing product. When a potential buyer is searching for that product (“HDTV” in this example), the search results will rank vendor B over vendor A’s product. The altered ranking could adversely impact vendor A’s business.
Spamdexing Mitigation on SecureSphere WAF
A new Spamdexing feed is now available with the Imperva ThreatRadar Community Defense service, which enables Imperva SecureSphere Web Application Firewall (WAF) to block all URLs that are known to be involved with multiple comment spam attacks. Imperva SecureSphere Community Defense subscribers will be automatically protected against spamdexing.
Customers can subscribe to other threat intelligence services from ThreatRadar, which enables the industry leading SecureSphere WAF to proactively defend against various types of technical that exploit vulnerabilities in applications and automated web attacks which abuse application functionality.
How is Imperva’s Solution Different?
Existing solutions offer little to no protection against Spamdexing attacks since they rely mainly on IP reputation-based detection, which can lead to more false positives.
Imperva SecureSphere WAF offers a better solution in that it collects URLs which repeat in high volumes in various web applications, and correlates them with the IP reputation ratings of clients to accurately detect a spamdexing attack.
Please contact your local Imperva sales teams and stay tuned for more exciting things on the spam protection front from Imperva.