Is your site safe from fake Googlebots?

Security

by Jimmy Nicholls| 25 July 2014

Search indexing spiders said to be used for hacking and spamming.

Millions of fake Googlebots are being used around the world in distributed denial of service (DDoS) attacks, hacking and spam, according to security firm Incapsula.

Imposters are said to disguise themselves as the search engine's indexing spiders to gain privileged access to websites, accounting for 4% of those who appear to belong to Google.

Igal Zeifman, product evangelist at Incapsula, said: "Most website operators know that to block Googlebot is to disappear from Google."

"Consequently, to preserve their SEO rankings, these website owners will go out of their way to ensure unhindered Googlebot access to their site, at all times."

A third of more than 50 million fake Googlebot sessions monitored by the company were identified as malicious, and almost a quarter were involved in DDoS attacks.

Imposters can be identified by checking IP addresses or the autonomous system numbers that ISPs use.

"The actual type of these impostors may vary, but all of them should be deemed suspicious by default, due to their attempt to assume a false identity," Zeifman added.

Incapsula reported that a quarter of botnets that supply fake Googlebots come from the US, with China, Turkey and Brazil accounting for around 15% each.

Google has been contacted for comment.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

756 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.