How Cybercriminals Use SEO to Attack

With cyberattacks and data breaches hitting new records every year, cybersecurity organizations are not only staying busy but also evolving to more effectively address threats from bad actors. This progression means that cybercriminals are forced to constantly find new ways to expose vulnerabilities for their own gain. With daily searches on Google being estimated between three and eight billion, there is a tremendous pool of unsuspecting victims to be preyed upon.

SEO (search-engine optimization) is a marketing discipline aimed at increasing a website’s visibility in search engines in order to drive traffic and sales as well as achieve other specific goals. SEO focuses on the organic (non-paid) section of search engine results pages, and website rankings are determined by complex algorithms and artificial intelligence. Enterprise SEO is the practice of SEO for enterprise organizations and large websites.

SEO Poisoning

SEO poisoning is the illegitimate and illegal techniques cybercriminals use to leverage SEO. We are increasingly seeing cybercriminals use SEO poisoning techniques to attract victims and lure them into hacked websites or unsecure locations where their data can be stolen, they can be forced to download malicious files or can be provided with disinformation to influence them in nefarious ways.

The Solar Marker Campaign

There are a number of techniques used in SEO poisoning that can catch unsuspecting search engine users. One approach is where a website with exposed vulnerabilities is hacked; then, individual pages are optimized to produce search engine rankings, and then malicious files are added to be downloaded by visitors. For example, the Solar Marker campaign targeted over 2K search terms to draw users to click on a link to download a pdf that was actually a malicious file, creating a backdoor onto their computers and leaving their data and their computers exposed.

Software Downloads

One SEO poisoning campaign attackers are using is to hack legitimate websites and target users looking to download productivity tools such as Zoom, Team Viewer and Visual Studio. So when users search for the program download they end up on a hacked webpage, and instead of downloading the program they are looking for they end up downloading malware, ransomware or Trojan horses that put them at risk.

How to Stay Protected

Unfortunately the web has become an increasingly dangerous place when it comes to protecting your devices and personal data. If you own a business the stakes are even higher. It is recommended that you invest in cybersecurity software for all of your devices and take specific precautions when surfing the web. The days of safely visiting any random website may be over. You need to think about websites you visit like the neighborhoods you would choose to physically walk though.

URLs and Domains

Pay special attention to the URL of any webpage you are visiting. Does it begin with “https” versus “http”? Https sites are more secure and less likely to be hacked. Also, look at the URL to see if, when you click through, it is redirected to a different website or stays on the same domain. Not all redirects are bad, but if you are sent to a completely different domain it could be bad news and you need to be very careful.

Downloads

Any downloadable file is an opportunity for you to be exposed, so make sure any time you are downloading a file, whether it is a program or pdf, you 100% trust the source and are on the correct website. Downloading files from third-party websites can be risky, so make sure the source is 100% trustworthy.

For Businesses

It is recommended that you work with an IT company that can secure your company computers and install cybersecurity software, just in case one of your employees downloads a malicious file. In addition, make sure your website platform gets updates when needed, especially when it comes to WordPress and WordPress plugins. This will reduce the chance of your website getting hacked and used for SEO poisoning.

---

Chris Rodgers is the CEO and Founder of Colorado SEO Pros, a boutique SEO agency founded in 2012, providing a suite of inbound marketing services for small and mid-sized organizations, from international enterprise corporations to technology start-ups and ecommerce businesses across the country and abroad. Rogers is a serial entrepreneur who moved to Colorado seven years ago after leaving his corporate marketing job to return to school and start his business. In addition to growing the company, Rogers also has partnered in several startups.