Cybercriminals have been using search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, in order to push malicious websites to the top of search results. This tactic, known as SEO poisoning or black hat SEO, has become increasingly common in recent years. These cybercriminals are exploiting the reputation of legitimate websites to promote malicious content or phishing sites, putting unsuspecting users at risk of clicking on harmful links.
Recently, investigations have revealed sophisticated campaigns where cybercriminals deploy ads leading to fake websites that mimic popular software like Firefox or messaging apps like WhatsApp and Telegram. These fake sites are designed to steal sensitive user data, including personal information and financial details. For example, ESET researchers have identified fraudulent ads for software that appeared in Google search results, directing victims to impersonated sites, with the goal of gaining complete control over compromised devices.
Financial services have become lucrative targets for cybercriminals. In 2022, scams impersonating Mastercard through malicious ads were detected by ESET researchers in Latin America. Another campaign involved impersonating the La Veloz del Norte bus company in Argentina, where attackers harvested personal and banking information from users searching for bus tickets.
The rise of AI tools has created new opportunities for scammers to carry out fraudulent activities. Fraudsters have been buying ads to promote counterfeit AI services, such as fake ChatGPT sites, redirecting users to websites designed to steal credit card details. These fake websites often display logos of legitimate partners to appear more credible.
In order to stay safe while navigating search results, it is crucial for search engine users to remain vigilant. Some tips to stay safe include: examining URLs for discrepancies or misspellings, using robust security software that can block connections to known malicious sites, enabling two-factor authentication (2FA) for important accounts, and utilizing Google’s tools to inspect the legitimacy of ads.
Although Google has been proactive in combating these threats, with over 5.5 billion ads blocked or removed in 2023, some threats still manage to slip through. The manipulation of search results by threat actors highlights the importance of exercising caution with every click. Despite advancements in AI and search technology, traditional search engine use remains prevalent and carries associated risks.
Staying informed and applying basic cyber hygiene practices are essential in safeguarding against evolving cyber threats. It is crucial for users to educate themselves about these risks and take necessary precautions to protect their personal information online. Cybersecurity awareness and vigilance are key in combating cybercrime in an increasingly digital world.