Dive Brief:
- Cybercriminals are using simple but enduring techniques for search engine optimization (SEO) to lure individuals to phishing scams and malware downloads, resulting in a sharp increase in attacks, according to a report released today from Netskope.
- The use of search engines to deliver malware produced a 450% increase in phishing downloads during the last year, Netskope found. The company’s research is based on anonymous telemetry from a “few million” customers that were using its secure web gateway during the 12-month period ending on March 31, 2022.
- Individuals searching common keywords encountered malicious PDF files containing fake CAPTCHAs that redirected to phishing, spam, scam and malware sites.
Dive Insight:
The increase in phishing downloads was largely driven by SEO tactics that pushed malicious PDF files to top search result rankings on Google and Bing, according to Netskope.
“It’s a technique that’s been around for a long time, but it seems like somebody’s finally figured out the recipe,” said Ray Canzanese, threat research director at Netskope. “We usually don’t see changes of that magnitude. Those only come when there’s somebody who’s really smart and persistent in trying to figure out how to weaponize these.”
Malware and phishing downloads can potentially expose enterprises’ most sensitive data. These threats put business activities at risk by luring unsuspecting employees into sharing privileged information that can be used by cybercriminals to...
Read Full Story: https://www.cybersecuritydive.com/news/malware-phishing-SEO/623458/
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.
