Search Engine Optimization (SEO) is used to improve the ranking of websites by ensuring that they provide quality content and a good user experience.
But new research from global threat intelligence firm Cybersixgill shows, perhaps unsurprisingly, that similar techniques are being leveraged by threat actors to build trust in their sites.
Phishing sites are often only online for a limited time. Adi Bleih, dark web analyst at Cybersixgill, explains that threat actors use black hat SEO to improve their site’s position in search engines so they can make the most of their phishing attacks and ” hunt” as many victims as possible during this short period. of time.
Cybercriminals also use black hat SEO techniques to damage the reputation of legitimate sites. It’s easier for black hat marketers to get rid of their competitor than to build their own reputation. One way is to trick their competitor’s customers into convincing them that they have been hacked into visiting the competitor’s legitimate site.
There are also examples on the dark web of black hat SEO offered on an as-a-service model to optimize pages, setups, and backlinks.
Bleih concludes on the company blog:
Threat actors are notorious for exploiting legitimate techniques to their advantage, turning them from innocent best practices into malicious campaigns. Search engine optimization (SEO) is no different, and threat actors use black hat SEO to improve and optimize their phishing sites, improving the site’s ranking and position in search engines. and thus maximize incoming traffic.
We recommend that you carefully check any URL you click on, even if you found it after a Google search. As we have highlighted in this article, many threat actors use redirect links and other techniques in order to manipulate users into luring them to phishing pages.
You can read more on the Cybersixgill blog.
Image credit: carlos_bcn / depotphotos.com