If you’ve spent much time on the internet, you’ve probably heard of common security threats, like email scams and spoofed websites. However, there is a threat out there called SEO poisoning that can be difficult to predict or protect yourself against. The popularity of this attack is on the rise.
Searching For Certain Words and Phrases Could Put Your Computer at Risk
It might sound crazy, but these days, you have to be wary of everything on the internet, even the simple words you search for in your web browser. The good news is that the mere act of searching with your web browser won’t get you infected with malware. The bad news is that a simple search can be part of a threat actor’s attempt to funnel you toward a virus.
In the case of search engine optimization (SEO) poisoning, threat actors rely on extremely niche, specific search terms that place their trap at the top of the search results page, luring people who need information to their nefarious payload. One such recorded incident, which prompted security investigation into this type of lesser-known malware attack, involved the following search: “Are Bengal Cats Legal in Australia?”
You see, a certain threat actor was using an online forum that anyone can access, one that is easily found via a Google search. The link to access the threat actor’s forum post read “Do you need a license to own a Bengal cat in Australia?” Upon clicking this link, a malicious ZIP file was automatically downloaded onto the user’s computer, beginning the staged installation of malware.
So, the search itself doesn’t infect your computer, but the online resources that search leads to could be compromised. As for why this type of attack is effective, it preys on the difficult nature of finding answers to niche questions.
Why Threat Actors Are Using SEO Against You
SEO is a somewhat complicated topic that has entire books dedicated to it. However, the gist of it is this: websites have lots of words and phrases in them. When you search for a term or phrase using your search engine, websites with more instances of that term and phrase are more likely to show up on the first page of the results and even near the top of that first page, making it the first thing you see.
This means there will be many search results for vague, general searches, such as “cat videos.” There are tens of thousands of websites competing for a top spot in your search results when it comes to cat videos. But let’s say your search is more specific, such as “Are Bengal Cats Legal in Australia?”
There aren’t as many websites that include such specific information. Because it’s a niche question, the sites talking about it the most are likely to be public forums, and they are likely to appear pretty close to the top of the search results page, since there isn’t much competition for that topic. Finally, the threat actor can easily lay a trap on that public forum that curious users are likely to click on, since there aren’t many places to get the answer they want.
That said, the more niche and specific your browser search, the more likely you are to encounter this type of malware threat.
But how do you know what counts as niche? How can you protect yourself from such attacks? Well, there’s no guaranteed way to know which searches are most likely to lead you toward a malware trap, but many of the same cybersecurity rules of the internet still apply.
How to Keep Yourself Safe While Searching the Web
To start with, the best way to keep yourself safe on the internet is to remain wary of everything. Part of why SEO poisoning is effective is the fact that lots of users assume that anything they search through a reputable browser like Google is vetted and safe. Google normally tries to keep dangerous sites from cropping up on the first page of search results, but that doesn’t mean it always succeeds.
Surfshark
So, don’t assume that anything is safe on the internet just because you got there through Google. You still need to be wary of clicking on links or installing anything from any website. Always keep your antivirus software up-to-date, and trust your gut: if something looks suspicious, it probably is. If you really want to click on a link, there are ways you can test it to see if it is legitimate first.
Of course, if your antivirus software gives you some sort of warning about anything you are trying to download, you’re better off listening to it. That said, antivirus software does accidentally flag totally safe files sometimes, so you can also test a download to see if it is safe, just like a link.
All of this is to say that you need to be aware of the types of threats and risks that exist on the internet now, even when you are doing something as simple as searching for information on Google. Whether it’s a scammer sending you phishing emails or a malicious threat actor trying to use your curiosity to target your computer, you can never let your guard down when moving through cyberspace.
Keep your antivirus software up-to-date, consider using a VPN, and be careful of what information you put out there on public networks. But most of all, remain vigilant.
