Researchers discover hackers using SEO to rank malicious PDFs on search engines

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Today, researchers at security service edge provider, Netskope, published the Netskope Cloud and Threat Report: Global Cloud and Malware Trends, which found that phishing downloads rose 450% over the past 12 months, and highlighted that attackers are using search engine optimization (SEO) to rank malicious PDF files on search engines.

The report’s findings show that phishing attempts are constantly evolving, and attackers aren’t just targeting employees through their email inboxes; they’re also using popular search engines like Google and Bing. 

For enterprises, the increase in phishing attacks and the growing popularity of SEO techniques among cyber criminals highlights the need to provide employees with security awareness training so that they’re prepared to spot these threats online and not at risk of handing over sensitive information. 

Phishing: a nuisance that won’t go away 

The report comes as security teams have consistently failed to address the challenge of phishing attempts with traditional security tools such as secure email gateways. 

Research shows that in 2021, 83% of organizations experienced an email based phishing attack where they were tricked into clicking on a bad link, downloading malware, providing login credentials, or completing a wire transfer. 

Now with hackers turning to SEO techniques, the number of successful phishing attacks has increased and has the potential to rise further, as attackers have a new medium where they can manipulate employees into handing over sensitive information outside the protection of other security controls.

“People know they should be wary of clicking on links in email, text messages, and in social media from people they don’t know. But search engines? This presents a much harder challenge.” said Netskope’s Director of Netskope Threat Labs, Ray Canzanese. 

“How does the average user differentiate between a “benign” search engine result and a “malicious” search engine result? From an enterprise perspective, this underscores the importance of having a web filtering solution in place,” Canzanese said. 

How to Spot malicious PDF files 

When it comes to defending against these SEO-driven attacks, Canzanese highlights a number of methods that security teams can use to protect employees. One of the most effective is to use a solution that can decrypt and scan web traffic for malicious content. 

At the same time, security teams should encourage users to inspect all links they click on, and to exercise caution if the link takes them to an unfamiliar website. 

In the event an employee does click on a malicious PDF, they can expect to see a fake captcha at the top of the first page, followed by text on other pages. In these scenarios, users should close the file, delete it from the device and report it to the security team ASAP. 

Cazanes also notes that it’s important for users to report malicious URLs that feature on popular search engines to help the provider unlist them from the site and prevent other users from falling victim to a scam.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Source: Read Full Article