Cybercriminals use popular search engine optimization (SEO) methods to improve the rankings of their phishing sites, and it seems to work quite well.
According to a new report from security service provider Netskope, phishing downloads of malicious PDF files have increased by 450% in the last 12 months, and SEO tools are partly “to blame”.
SEO is the practice of optimizing a website's content so that search engines can index and track it more effectively. Websites that tick all the right boxes appear higher on search results pages – an outcome considered the “holy grail” of digital marketing.
Phishing is not just for emails
Optimizing website content for search engines means doing a number of things, from ensuring the right content length, using the right keywords and having enough inbound and outbound links, to editing metadata for all media content. Then there are factors such as content-to-ad ratio, cumulative layout shift, and a myriad of others.
Those who succeed are rewarded by having their websites appear higher on search results pages.
Phishing is not a new practice. It’s been around since the dawn of the internet, and its premise is simple: trick the victim into divulging sensitive information, such as passwords or personally identifiable data, or into downloading viruses and malware.
But phishing has almost always relied exclusively on email and social media. Victims would receive a seemingly innocent email or private message from someone posing as a well-known brand, their coworker, or another person of interest.
This message would contain a link or an attachment that would compromise the victim's device in one way or another.
Because phishing is such a popular practice among scammers, most companies have trained their staff to recognize a phishing attempt when it lands in their inbox. The training, however, usually does not cover search engines.
“People know to be wary of clicking on links in emails, text messages and on social media from people they don’t know. But search engines?” said Ray Canzanese, director of Netskope’s Threat Labs.
“How does the average user tell the difference between a ‘benign’ search engine result and a ‘malicious’ search engine result? From a business perspective, this highlights the importance of having a web filtering solution in place,” Canzanese said.
The best way to defend against SEO-optimized phishing attacks is to deploy a solution that decrypts and scans web traffic for malicious content, Canzanese concluded.