View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Is your site safe from fake Googlebots?

Search indexing spiders said to be used for hacking and spamming.

By Jimmy Nicholls

Millions of fake Googlebots are being used around the world in distributed denial of service (DDoS) attacks, hacking and spam, according to security firm Incapsula.

Imposters are said to disguise themselves as the search engine’s indexing spiders to gain privileged access to websites, accounting for 4% of those who appear to belong to Google.

Igal Zeifman, product evangelist at Incapsula, said: "Most website operators know that to block Googlebot is to disappear from Google."

"Consequently, to preserve their SEO rankings, these website owners will go out of their way to ensure unhindered Googlebot access to their site, at all times."

A third of more than 50 million fake Googlebot sessions monitored by the company were identified as malicious, and almost a quarter were involved in DDoS attacks.

Imposters can be identified by checking IP addresses or the autonomous system numbers that ISPs use.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

"The actual type of these impostors may vary, but all of them should be deemed suspicious by default, due to their attempt to assume a false identity," Zeifman added.

Incapsula reported that a quarter of botnets that supply fake Googlebots come from the US, with China, Turkey and Brazil accounting for around 15% each.

Google has been contacted for comment.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.