We’ve all come across a website that seems just a little too dodgy to stay on for long. The giveaway might have been the many download buttons scattered across the page, or the lack of an encryption padlock next to the URL, like this:

[Image: Malware unencrypted site example]

However, threat actors have become more and more skilled at disguising these fake sites from the untrained eye, and even from search engines like Google.

To elaborate, search engines are pushing malware to users more than ever in 2023. It even appears in some “Sponsored” search results, which makes it the first result on a user’s Google search.

 

How are so many people falling prey to these malware sites?

 

According to Netskope’s 2022 Cloud and Threat report, nearly 10% of all malware downloads in 2022 were referred from search engines.

The report also outlined that downloads of malicious software “mostly resulted” from weaponized data voids, or a combination of search terms that specifically appealed to business web users.

Data voids occur when there is a lack of clear-cut information on search terms found in Google. Netskope said this means that content matching certain terms appears “very high in search results” – which in turn appeals to threat actors targeting certain users.

 

Why are search engines not picking up on this?

The research revealed that threat actors are now developing more finely tailored websites. These appeal to more of us by spanning a range of categories, such as business, marketing, technology, education, and retail.

These websites are often developed and populated in a patient manner by attackers to ensure they appear legitimate and dupe unknowing users.

Additionally, the threat actors only use them to host malicious content after they have been around long enough to blend in. This tactic tricks search engines like Google into thinking the site is legitimate until it’s suddenly changed.

However, Google has to crawl an incredibly large number of pages continuously. This means that people like us can fall prey to a site’s malware download, etc., before the site can be taken down.

An investigation by Bitwarden in January found that the volume of fake ads promoting malicious software and websites impersonating popular brands has increased marginally over the last year.

This explains how threat actors are able to “Sponsor” their fake sites with Google, and then plant their harmful malware in them.

The rise of this “malvertising” has reached such a point in the last 12 months that researchers have raised questions over Google’s handling of the issue.

In January, a Twitter thread by security researcher Will Dormann questioned why VirusTotal, which is owned by Google, was not being used to automatically examine sponsored links for malware.

 

Conclusion

Now that we know the dangers of this rise in malware sites, let’s discuss the best ways to mitigate our risk from them.

Firstly, the most effective solution we can offer you is to provide Cyber Security Training to your employees/colleagues within your workplace. Let’s list a few major benefits of this solution:

 

  • Multi-purpose protection: This is a good business practice that applies to a lot more than just malware on fake websites. For example, it also helps with identifying threats like phishing, vishing and smishing.
  • Protection against data breaches: A well-trained workforce can help prevent malware breaches, as they will be educated in the signs of a fake website. No matter how legitimate a threat actor can make a site seem, they can never replicate it perfectly.
  • Compliance with regulations: Acts such as the GDPR of 2018 can be disastrous for businesses that fail to uphold their “Principles”. Compliance with these regulations can help businesses avoid penalties and maintain their reputation.
  • Cost savings: Implementing Cyber Security Training can be less expensive than the cost of dealing with the aftermath of a cyber attack. By avoiding costly data breaches, businesses can save money and maintain the trust of their customers.

 

Secondly, use reliable anti-malware software, which will detect and remove malware from your computer. A good habit to get into with anti-malware is to run a manual deep scan at least once every week. Better safe than sorry!

Lastly, keep your operating system and software up to date. Malware often exploits vulnerabilities in outdated software, and threat actors are constantly working to exploit new software updates just as fast as software publishers release them.

Therefore, it’s important to keep your operating system and software updated with the latest security patches, to minimise your and your business’s risk of a malware infection.

We hope you’ve liked this blog and that you’ll stick around to see our future releases. We cover everything from recent IT News to Knowledgebase articles. Thanks for reading!