While conducting blackhat search engine optimization (SEO) investigations, I stumbled upon an SEO attempt hosted in the popular document-sharing site Scribd.
The document that contains the SEO strings and links was actually a .PDF file that has been uploaded to Scribd.
Further investigation revealed that the user account that uploaded this SEO .PDF file has been very actively uploading .PDF files designed for blackhat SEO attacks. As of this writing, 3,003 such .PDF files have been uploaded to Scribd since the creation of the account 26 days ago.
Clicking any of the links leads to a site that has been specifically designed to host or link ads. The site itself is not malicious, as it does not instigate drive-by downloads nor cause automatic redirections but a link that leads to a spammy Viagra site and outright malicious FAKEAV links, in the end, reveal its true nature.
This SEO trail reveals two alarming blackhat SEO trends—the use of document formats apart from HTML to create SEO pages and the use of document-sharing sites, particularly Scribd, to host non-HTML blackhat SEO attacks.
Trend Micro product users need not worry, however, as Smart Protection Network™ protects them from blackhat SEO-related attacks.