SEO Poisining or ‘web positioning poisoning’ is one of the many tactics that hackers and cybercriminals use to infect user computers and gain personal information. It is more dangerous than others, since it uses the authority that is supposed to be attached to the results of a Google search to direct the user to sites controlled by them and that they have previously positionedso that they appear as the first or one of the first answers that the search engine gives. It can also be done by serving fraudulent ads that Google displays before organic search results.
‘SEO poisoning is a tactic used by cybercriminals to manipulate the results of the search engines and then direct users to malicious websites that often appear genuine‘, explains about this tactic Jake Mooreglobal cybersecurity advisor at ESET, told the Daily Mail newspaper. ‘When users click on these links, are taken to sites that expose them to malware that is usually downloaded immediatelycompromising the security of the computer and potentially causing data theft or infections on the device.’
A few days ago, the cybersecurity firm Sophos warned of one of these searches, in English, that have been ‘hacked’: Are Bengal cats legal in Australia? Now it has been the Daily Mail who, after consulting with experts, reveals Five other common searches that are the subject of SEO Poisining and with which you have to be very careful where you click on the results and ads displayed by the Google Search Engine.
Customer service numbers
Searching Google is a quick and easy way to get a company’s customer service number, but scammers often buy ads to appear in the first results and trick unsuspecting users. With these ads, which can appear even before the first organic result offered by the search engine, they provide misleading links and numbers that ultimately connect the user to them instead of the company they are looking for.
‘They get these calls, sometimes hundreds daily, and they convincingly imitate a technician,’ explained Ben Van Pelt, founder of the cybersecurity company TorGuard. To avoid falling for this scam, experts suggest Avoid the ads and go directly to the company’s website for contact information.
Searches for ways to make money
One type of victim that scammers look for is people with financial difficultieswho look for ‘easy loans’, and who take advantage with fake ads for immediate and simple loans. ‘Instead of turning to Google for financial help, Seek financial services from recognized banks and lenders‘ recommends Van Pelt.
In the same way, search ‘quick money making systems’which often promise ‘investment opportunities’usually leads to a pyramid scam. ‘Avoid falling into pyramid scams. For investment opportunities, always consult a trusted investment broker or financial advisor,’ explains the TorGuard expert.
Look for ‘high paying remote jobs’ and ‘free credit reports’ It is also risky. ‘When looking for a job, stick to well-known job sites and the official employment pages of reputable companies to minimize the risk of encountering scammers,’ says Van Pelt.
Google Authenticator
Some cybercriminals try to imitate real products. In June, cybersecurity researchers from Malwarebytes revealed that cybercriminals were attacking people searching for the application Google Authenticator. This system allows two-factor authentication to access services and platforms securely. Malwarebytes discovered that hackers They bought ads to promote a fraudulent link which, supposedly, directed to the Google app. However, whoever clicks to download it ends up installing malware on your device.
‘The core problem with brand spoofing comes from Ads that appear to be from official sources and advertiser identities verified by Google‘, he wrote then Jerome Segurafrom Malwarebytes, in a post on the company’s blog. ‘It’s ironic that potential victims compromise themselves by trying to improve their safety.’
Sports mental toughness questionnaire
Some of these attacks are directed at very specific individuals and groups. For example, researchers from Menlo Security were studying a malware campaign called SolarMarker when they discovered that the very specific phrase, ‘Sports Mental Strength Questionnaire’ I was engaged. The search leads to links to PDFs which are automatically downloaded to your computer, with viruses hidden in the pages.
‘It’s hard to detect, but it’s usually used for people who search for documents and PDFs on Google instead of websites,’ explains Moore. ‘Malicious links are embedded in such a way that they are downloaded automatically without your knowledge’. If something does download, Moore recommends not clicking on the file, but rather deleting it and running a virus scan ‘for added peace of mind.’
Viagra online
Cybersecurity experts warn to be cautious when searching for Viagra or similar products online to avoid falling victim to the ‘pharmaceutical hack’. This tactic involves scammers hacking websites WordPress -the most used CMS for building web pages- vulnerable and insert links to fraudulent pages that advertise fake versions of brand name pharmaceutical products.
‘By doing this, users genuinely believe they are clicking on a legitimate website selling legal pharmaceuticals,’ researchers from SolidWP.
Once the victim has reached the site, scammers can trick them into providing personal information and even sell you counterfeit medicineswith the risk it poses to health.