Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.
Today, researchers at security service edge provider, Netskope, published the Netskope Cloud and Threat Report: Global Cloud and Malware Trends, which found that phishing downloads rose 450% over the past 12 months, and highlighted that attackers are using search engine optimization (SEO) to rank malicious PDF files on search engines.
The report’s findings show that phishing attempts are constantly evolving, and attackers aren’t just targeting employees through their email inboxes; they’re also using popular search engines like Google and Bing.
The increase in phishing attacks and the growing popularity of SEO techniques among cybercriminals highlights the need for enterprises to provide their employees with security awareness training so they’re prepared to spot threats and not at risk of handing over sensitive information.
Phishing: a nuisance that won’t go away
The report comes as security teams have consistently failed to address the challenge of phishing attempts with traditional security tools such as secure email gateways.
Research shows that in 2021, 83% of organizations experienced an email-based phishing attack where they were tricked into clicking on a bad link, downloading malware, providing login credentials, or completing a wire transfer.
Now with hackers turning to SEO techniques, the number of successful phishing attacks has increased and has the potential to rise further, as attackers have a new medium where they can manipulate employees into handing over sensitive information outside the protection of other security controls.
“People know they should be wary of clicking on links in email, text messages, and in social media from people they don’t know. But search engines? This presents a much harder challenge.” said Ray Canzanese, director of Netskope’s Threat Labs.
“How does the average user differentiate between a “benign” search engine result and a “malicious” search engine result? From an enterprise perspective, this underscores the importance of having a web filtering solution in place,” Canzanese said.
How to Spot malicious PDF files
When it comes to defending against these SEO-driven attacks, Canzanese highlights several methods that security teams can use to protect employees. One of the most effective is to use a solution that can decrypt and scan web traffic for malicious content.
At the same time, security teams should encourage users to inspect all links they click on, and to exercise caution if the link takes them to an unfamiliar website.
In the event an employee does click on a malicious PDF, they can expect to see a fake captcha at the top of the first page, followed by text on other pages. In these scenarios, users should close the file, delete it from the device and report it to the security team ASAP.
Canzanese also notes that it’s important for users to report malicious URLs that feature on popular search engines to help the provider unlist them from the site and prevent other users from falling victim to a scam.