Can your trusted Google search results trap you? All you need to know about 'search engine poisoning'

What looks like an ordinary Google search could be a disguise steering Indians and their trust towards illegal betting, gambling, and scam websites without us realising it.

Millions of Indians search, scroll and click on various links on their phones every day, but not every link leads to where it claims to.

Cybercriminals scan the internet for popular, trusted websites, especially government-linked or educational ones, to break into them using outdated CMS platforms, unpatched plugins, or old server software.

Once inside, attackers secretly insert hidden pages or links, add spam keywords like 'rummy', 'betting', 'crypto', as well as adult/pirated content, which further redirect the users to illegal websites and malicious pages.

The redirection works mostly on mobile phones, where users are more likely to click on URLs without checking their authenticity.

In that regard, a new government advisory has warned against the scam, calling it an act of manipulation that results in financial fraud and digital crime.

According to a Ministry of Home Affairs (MHA) advisory issued by the National Cybercrime Threat Analytics Unit (NCTAU) under the Indian Cyber Crime Coordination Centre (I4C), this sophisticated cyber threat—known as “search engine poisoning” or black hat SEO—specifically targets websites to promote illegal activities, such as gambling, betting, and fraudulent investment schemes.

Typically, search engines like Google aim to present their users with the most helpful and trustworthy websites.

Black hat SEO is when someone uses “cheating” techniques to jump to the front of the line, even if their website is useless or dangerous. It is the “digital equivalent of a con artist” using shortcuts to trick a system.

Unlike white hat SEO, which focuses on providing value to human readers, black hat SEO is designed purely to "cheat" the system for quick, short-term visibility.

The MHA advisory highlights several serious risks of users being misled, trapped in financial fraud, legitimate websites losing their credibility, and website owners facing legal and reputational challenges.

Notably, even assisting such activities, knowingly or unknowingly, is a criminal offence punishable under sections 43 and 66 of the IT Act, 2000.

Apart from carefully verifying search results before clicking, the MHA has also advised Indians to avoid downloading content from—or sharing personal information on—redirected/suspicious websites and to stay informed through trusted cyber safety sources, such as Cyberdost I4C (@Cyberdost) on X.

Website and domain managers have been advised to regularly update server software, conduct routine malware and code injection scans, deploy web application firewalls to block common attacks (such as SQL injections or XSS attacks), review access logs for anomalies, as well as to enforce CSP, X-Frame-Options, and HSTS to reduce the possibility of their platform being exploited.

They have also been urged to continuously monitor traffic and access logs for unusual activity.

What is SEO?

Search Engine Optimisation (SEO) is a powerful tool used to make a website better so it shows up higher on the results page when people search for things online.

When a site is optimised correctly, it becomes easier for search engines to find and rank the page, which means more people finding the page when they search for relevant topics.

“Since the hacked website is trusted, Google ranks the illegal website higher, making the scamming links appear legitimate,” said a cyber expert about SEO poisoning.

“Malicious actors also target professionals on LinkedIn to recruit skilled individuals, such as ethical hackers, pen testers, and developers, for illicit activities like black hat SEO, malware development, and infrastructure exploitation,” the cyber expert added.

“Cybercriminals lure them with high-paying jobs, sometimes offering as much as Rs 3 lakh per month, disguised as a legitimate role.”