The lengths by which cyber criminals will go to steal your personal information are endless, as a new scam has arisen that uses PDFs filled with SEO keywords to download malware on your device and steal your passwords.
Scams have become a regular part of online life in recent years, which means that finding ways to protect yourself is key to your continued enjoyment of the world wide web. Between ransomware attacks holding your data hostage to phishing emails tricking you into giving it up yourself, knowing what kind of scams are out there is the first step in protecting yourself.
That’s why we’re getting the word out that a new scam is using keyword-laden PDFs to get your personal information with you even realizing it.
The New Scam Using PDFs to Steal Information
According to Microsoft, who tweeted about the new potential threat, the cyber criminals behind the SolarMaker malware attack have been utilizing PDFs filled with SEO keywords to steal personal data and passwords. Because the files are so heavily stacked with these SEO keywords, they place unusually high on search results, leading to a surprisingly high success rate, which is a problem.
Operators of the malware known as SolarMarker, Jupyter, other names are aiming to find new success using an old technique: SEO poisoning. They use thousands of PDF documents stuffed w/ SEO keywords and links that start a chain of redirections eventually leading to the malware.
— Microsoft Threat Intelligence (@MsftSecIntel) June 11, 2021
This method, dubbed SEO poisoning, is surprisingly effective, yet not nearly as new as it may sound. Hackers have been using it for a while to spread malware, although Microsoft notes this is a particularly thorough one that put you through quite the ringer before eventually getting you to download a malicious file.
How Does This New Scam Work?
In earnest, this scam should be pretty easy to spot, but we’re going to walk you through it just so you don’t fall victim to it on accident.
It starts with a web search. Because the PDFs are chock full of SEO keywords, these malicious links could be within the first page of Google of virtually any topic — from “insurance forms” to “math answers” — giving the appearance of a reputable resource.
Once you’ve clicked that link, the madness begins. You’ll be redirected to between five and seven different Google Sites until you eventually land on “an attacker-controlled site, which imitates Google Drive.” At that point, you’ll be asked to download a file, which will have the malware on it.
Once you’ve done that, you’re in trouble. The malware will scrub your device for personal information, passwords, credit card numbers, and anything else that might be valuable to a hacker.
How to Protect Yourself Online
The best way to protect yourself from this scam is to never download anything from a simple web search. If you can’t find “math answers” or “insurance forms” in a single click, there’s no reason to move forward. Especially considering this scam requires you to click through multiple sites just to get an answer, your spidey senses should be tingling before you get anywhere near a malicious link.
Still, if you want to make sure you don’t fall victim to this or any other malware attack, your best bet is going to be antivirus software. These platforms are designed to not only warn you about malicious links, but also steer you clear of these kinds of phishing websites.
If you want to take it a step further, password managers and VPNs are the best way to keep yourself safe online. Given that passwords are the first and sometimes only obstacle to hackers and that unsecured networks run rampant throughout the US, both tools can do a lot to keep you safe when it comes to your online presence.
