"Hackers Are Using SEO to Rank Malicious PDFs on Search Engines, Research Finds"

Researchers at the security edge provider Netskope have released a report on global cloud and malware trends, which revealed a 450 percent increase in phishing downloads over the past 12 months. It also highlighted the use of Search Engine Optimization (SEO) to rank malicious PDF files higher on search engines. Findings shared in the report further suggest that phishing attempts are continuing to evolve, and threat actors are increasingly using popular search engines such as Google and Bing to trick unsuspecting users into downloading malware. The growth in phishing attacks and the popularity of SEO techniques among cybercriminals calls on enterprises to implement or improve security awareness training for employees to help them identify threats and prevent the exposure of sensitive information. According to the report, 83 percent of organizations in 2021 faced an email-based phishing attack in which employees were tricked into clicking a malicious link, downloading malware, providing login credentials, or completing a wire transfer. As hackers are increasingly using SEO techniques, the number of successful attacks has grown and is expected to rise significantly in the future. The use of SEO methods gives threat actors a new way to manipulate employees and bypass the protection provided by other security mechanisms. Ray Canzanese, director of Netskope's Threat Labs, highlights different methods that could be used by security teams to protect employees from SEO-driven attacks, one of which is to implement a solution capable of decrypting and scanning web traffic for malicious content. This article continues to discuss key findings shared in Netskope's recent report regarding phishing attacks and the growing popularity of SEO techniques in delivering malicious PDFs, as well as recommendations for preventing SEO-driven attacks.

VB reports "Hackers Are Using SEO to Rank Malicious PDFs on Search Engines, Research Finds"