Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, largely driven by attackers using SEO (search engine optimization) to improve the search engine ranking of malicious sites. Most of these downloads were malware-laden PDF files.
“The top web referrer categories contained some categories traditionally associated with malware, particularly shareware/freeware, but were dominated by more unconventional categories,” Netskope says. “The ascension of the use of search engines to deliver malware over the past 12 months provides insight into how adept some attackers have become at SEO. Malware downloads referred by search engines were predominantly malicious PDF files, including many malicious fake CAPTCHAs that redirected users to phishing, spam, scam, and malware websites.”
Additionally, the researchers found that attackers are increasingly hosting their malware in the regions they’re targeting, which improves their chances of success.
“The report also found that most malware over the past 12 months was downloaded from within the same region as its victim, a growing trend that points to the increasing sophistication of cybercriminals, which more frequently stage malware to avoid geofencing filters and other traditional prevention measures,” Netskope says. “The findings reveal that attackers tend to target victims located in a specific region with malware hosted within the same region. In most regions, the plurality of malware downloads originated from the same region as the victim. This is especially true for North America, where 84% of all malware downloads by victims in North America were downloaded from websites hosted in North America.”
Ray Canzanese, Threat Research Director at Netskope, stated, “Malware is no longer confined to traditional risky web categories. It is now lurking everywhere, from cloud apps to search engines, leaving organizations at greater risk than ever before. To avoid falling victim to these social engineering techniques and targeted attack methods, security leaders must regularly revisit their malware protection strategy and ensure all possible entry points are accounted for.”
New-school security awareness training can give your organization an essential layer of defense by teaching your employees to follow security best practices.