Just when we thought SEO using Flash was as interesting as SEO poisoning can get, it seems it’s getting even sneakier…

Imagine a PDF file posted by someone evil online. Of course, Google being Google, the file is recognized as a PDF.

And when we open it, it really is a PDF. No evil codes inside, just a good old vanilla PDF file.

Three hours later… Google still says the file is a PDF. Brod (one of our geeky guys here) is attributing this to Google’s cache.

But is it really a PDF this time around?

It morphed! And it even has different topics this time. Topics which, when you follow them, will lead you to another PDF:

At least for a few hours before it becomes…

It’s a vicious cycle, but a pretty neat trick. Who would suspect a non-malicious PDF file right? At least before it becomes an HTML file. And the end result is a rogue antivirus scam.