Attackers are using search engine optimization (SEO) techniques to improve the ranking of malicious PDF files on search engines including Google and Microsoft’s Bing, according to a Netskope report.
The findings indicated that cybercriminals are leveraging various social engineering techniques—including SEO—and different Trojan families, including those delivered via PDF, to target victims more effectively.
The report found Trojans accounted for 77% of all cloud and web malware downloads, used to gain an initial foothold and to deliver a variety of next-stage payloads, including backdoors, infostealers and ransomware.
Ray Canzanese, director of Netskope Threat Labs, said the most concerning finding is the malware being spread via major search engine results, adding that phishing downloads are on the rise.
“This is a relatively new and uncommon malware delivery vector that people are less familiar with; therefore, they’re more likely to fall victim to it,” he said. “We do a lot of training around email, text and social media. But not so much with search engine results. Users might be more likely to have their guard down.”
SEO Targets Users When Their Guard is Down
He said for a phishing attack or scam to be successful, you must be able to reach your victims and, if you reach them somewhere where their guard is down, they might be more likely to fall for the attack.
“This PDF-plus-SEO technique is exactly that—a way in which attackers have demonstrated success in reaching...
Read Full Story: https://securityboulevard.com/2022/05/surge-in-malware-downloads-driven-by-seo-based-techniques/
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.
