Threat Actors Manipulate Search Results to Lure Users to Malicious Websites

Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, pushing malicious websites to the top where unsuspecting users are likely to click.

In recent years, this tactic, often known as SEO poisoning or black hat SEO, has seen cybercriminals hijack the reputation of legitimate websites to promote malicious content or phishing sites.

Recent investigations have uncovered sophisticated campaigns where cybercriminals deploy ads leading to phony websites that mimic popular software like Firefox or messaging apps like WhatsApp and Telegram. These fake sites are designed to capture sensitive user data.

For example, ESET researchers identified campaigns where fraudulent ads for software appeared in Google search results, directing victims to these impersonated sites, aiming to gain complete control over compromised devices.

Targeting High-Value Sectors

Financial services are particularly lucrative targets. In 2022, scams impersonating Mastercard through malicious ads were detected by ESET researchers in Latin America.

Another example involved a campaign impersonating the La Veloz del Norte bus company in Argentina, where attackers harvested personal and banking information from users searching for bus tickets.

AI and New Opportunities for Scammers

The rise of AI tools has inadvertently opened new avenues for scams.

Fraudsters have been found buying ads to promote counterfeit AI services, like fake ChatGPT sites, redirecting users to websites designed to steal credit card details.

These sites often display logos of legitimate partners to appear more credible.

Search engine users must remain vigilant. Here are some tips to stay safe while navigating search results:

• Examine URLs: Always check the URL of the website you’re about to visit for any slight discrepancies or misspellings that might indicate a scam site.
• Security Software: Use robust security software that can block connections to known malicious sites.
• Two-Factor Authentication: Enable two-factor authentication (2FA) for all important accounts to add an extra layer of security.
• Google’s Tools: Utilize Google’s tools to inspect the legitimacy of ads by clicking the three dots next to sponsored listings for more details.

Google has been proactive in combating these threats, with its latest Ads Safety Report revealing that in 2023, the company blocked or removed over 5.5 billion ads. However, some threats still manage to slip through.

The manipulation of search results by threat actors underscores the need for users to exercise caution with every click.

Despite advancements in AI and search technology, traditional search engine use remains prevalent, and with it, the associated risks.

Staying informed and applying basic cyber hygiene practices are crucial in safeguarding against these evolving cyber threats.

Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!