Over the weekend, Monetize, a blog dedicated to tricking search engines, described how a blackhat got Google to index over 5 billion webpages within three weeks. Yahoo and MSN were fooled, too, though nowhere near as badly. (MSN, for example, indexed just 62 pages before cutting him off.)

Searchers who landed on the pages were treated to copy scraped from legitimate websites, along with Pay-Per-Click ads from Google or Yahoo.

The effort seems to have met some success. Third-party traffic monitor Alexa noticed enough activity to rank at least one of the rogue sites among the 2,000 highest traffic sites on the web. That’s a phenomenal ranking for any site, especially a three week old site based in Romania.

According to Ana’s Lair, the search spoofing project was really fairly simple. In the end, the scheme required an SQL-driven auto-page generator, a modification of DNS software, and redirection/cloaking code to show Google one thing and the user something else.

Importantly, the bogus pages also enjoyed links from websites with a reasonable Google Page Rank (like “5″). This in turn, elevated the pages in search engine results.

As the blackhat considered all other avenues deliberately, I’m guessing that an automatic PPC ad clicker was part of the scheme, too.

Suddenly it all makes sense.

Over the last several months, all the searchers in our shop have complained about search results that were becoming increasingly clobbered up with useless citations, like http://2333.water.eiqz2q.org.

At the same time, we’ve watched Pay-Per-Click activity and costs climb, while actionable responses were plummeting. Our solution has been to start rehashing old advertising decisions. Others are suing.

Back in April, spyware hunter Ben Edelman charged that some adware automatically clicks on pay-per-click advertisements presented by Yahoo on the websites of Yahoo syndication partners. And Edelman named names.

He has since joined the legal teams are pursuing Yahoo for enabling Pay-Per-Click fraud.

In addition, Google recently settled a class-action lawsuit for $90 million.

As searchers and advertisers grow more restive, the Search-and-PPC biz looks increasingly dicey… especially for those who depend on it for over 90% of their revenue, like Google, whose SEC filing reminds:

The Company’s revenues are principally derived from online advertising, the market for which is highly competitive and rapidly changing. Significant changes in this industry or changes in customer buying behavior could adversely affect the Company’s operating results.

Among the 22 changes that might cause damage, Google lists 10 worries directly related to search and PPC:

  1. Our ability to continue to attract users to our web sites.
  2. The level of use of the Internet to find information.
  3. Our ability to attract advertisers to our AdWords program.
  4. Our ability to attract web sites to our AdSense program.
  5. The mix in our net revenues between those generated on our web sites and those generated through our Google Network.
  6. General economic conditions and those economic conditions specific to the Internet and Internet advertising.
  7. Foreign, federal, state or local government regulation that could impede our ability to post ads for various industries.
  8. New technologies or services that block the ads we deliver and user adoption of these technologies.
  9. The costs and results of litigation that we face.
  10. Our ability to manage click-through fraud and other activities that violate our terms of services.

What the world needs now is someone with global reach, clean search results, and thoroughly authenticated ad servers.

Could be just what the doctor ordered… for Microsoft?