Published May 12, 2022
Author: Ash Khan

Remember! SEO is also as dangerous as email when it comes to malware distribution 

There’s a proverb “there is a craft in daubing”. However, in order to be a cybercriminal now, you have to be a perfect dauber. So, they are learning and utilizing SEO techniques to improve their site ranking. And it is a cunning plan and working quite well. 

Netskope – a security service provider claimed in its recent reports that approximately 450% of malicious phishing downloads increased in 2021. This is happening mainly because of SEO tools and techniques and social media groups.  

Social media has certainly made the dissipation of information easier. It has given cybercriminals a chance to be creative in their techniques. 

In SEO content is optimized and indexed in a manner that search engine tracks it efficiently. When websites fulfill all the tracking requirements, they appear higher on search pages. 

Phishing via SEO 

Content Optimization means a variety of things including appropriate content length, powerful keywords, and proper backlinks. It also involves tweaked metadata, relevant multimedia content, content to ad ratio, etc. 

If all these requirements are fulfilled, the website gets ranked higher on search engine results. Phishing is as old as the internet itself. It is an old scamming practice with different variations.  

The notion behind it is trickery. It tricks unsuspecting innocents into sharing personal information including passwords, banking information, or downloading malware.   

Basically, phishing relies on email and social media. Recipients receive emails and messages or some brand posting. This carries a malicious link or attachment when opened affects the victim. 

This is a commonly known practice among hackers. Businesses hire IT Techs to maintain website security by spotting phishing attacks. 

Now crooks are employing SEO techniques to transfer malware to their intended targets. The most recent practice is phishing through pdf files.  

The pdf would be glazed with malware and victims will download it without giving any consideration. Unfortunately, some techs were not trained for this sort of attack. This rendered rapid growth in phishing through pdf last year. 
 
 

Conclusion! 

The thing we need to know is cybercriminals are smarter than we give them credit. They know most people would not open a link, message, or check a posting from a stranger.  

However, search engine links and files are always considered to be reliable. This poses a greater threat to cybersecurity. 

At this point, the majority of the people cannot differentiate between benign and malicious search engine results. The only way to prevent SEO-based phishing attacks is some sort of web scanner for malicious content.