Searching Google might seem like one of the safest things to do online, but cybersecurity experts warn that there are some searches that could put you at risk of being hacked. Last week, a simple search for “Are Bengal cats legal in Australia?” was used by cybercriminals to infect a cat-lover’s computer. Now, experts have revealed other common words and phrases that cybercriminals latch onto in order to infect computers. Using a technique called “SEO poisoning,” criminals exploit Google’s search results to lure unsuspecting victims to websites the crooks control. Following these links could lead to hackers taking over your computer, stealing your information, and even holding your data ransom.
CUSTOMER SERVICE NUMBER
Scammers frequently purchase advertisements for search terms so their malicious websites appear near the top of the results page on Google search. Since most Internet users assume the top-listed results are legitimate, they willingly follow the links without using any proper scrutiny. When a person calls the number listed, instead of reaching customer service of the company they intended to find, they’re met by a scammer ready to steal their information. To avoid this type of scam, always look for customer service numbers directly from the company’s official website, rather than Googling it.
EASY LOANS
Unfortunately, like many scammers, cybercriminals often go after those who are in financial distress. By targeting those who are already in dire need, the criminals hope their victims won’t think about the old adage “if it sounds too good to be true, it probably is.” Once someone has been lured onto the site, the scammers will then try to trick them into giving away their banking information or downloading malware onto their computers.
GOOGLE AUTHENTICATOR
While most SEO poisoning attacks go after specific words and phrases, some scams try to impersonate actual products. In June, Cybersecurity researchers from Malwarebytes warned that cybercriminals had begun to target Internet users searching for the Google Authenticator app. This app is required to log into certain secure services and provides two-factor authentication which is key to maintaining good cybersecurity. However, Malwarebytes found that hackers had purchased fraudulent ads promoting what appeared to be a legitimate link to the app. Following this link brought users to a cleverly disguised website which prompted the visitor to install a file on their computer. Rather than installing Google Authenticator, anyone who clicked “download" would actually install a piece of malware designed to ransack their device for personal data.