Be wary of fraudsters manipulating search results

Cybercriminals manipulate search results to deceive internet users. This activity is known as SEO poisoning (Search Engine Optimisation Poisoning) and is fast becoming a serious threat to internet security. Scammers will exploit search engine optimisation techniques to ensure that malicious or fake websites appear as high as possible in search result ranking.

Since many people generally trust the top results on a search engine, these sites appear credible and people often click on them. It is precisely this trust that criminals exploit to lure people onto fake websites where they steal login details or spread malware, for example.

If you click on these links, you run the risk of fraudsters

• Stealing your sensitive login details,
• Installing malware without your knowledge
• and stealing your money.

This scam can be very dangerous, particularly when it comes to confidential services such as online banking or payment methods.

What do the scammers do?

Cybercriminals use various strategies to make their websites appear as authentic as possible and achieve high rankings in search results. They optimise their sites especially for frequently used search terms and tweak their content to fool search engines into thinking the sites are genuine.

Fake websites impersonate other sites

One frequently used method is fake login sites that look almost identical to the websites of well-known banks or financial service providers. To do this, the scammers will register internet addresses (domains), which are very similar to real addresses but have slight differences or use common ty-pos.

For example, instead of:

• bankenverband.de

a manipulated domain might be displayed as:

• bankemverband.de

At first glance, many won’t notice the difference and simply enter their login details on the fake site.

Targeted keywords direct users to phishing sites

Criminals will optimise their fake websites for frequently used search terms. These include, for example:

• bank login
• the name of a bank
• online banking services

As a result, the fake sites rank high on search results and give the impression of being authentic.

Luring users with attractive offers

Some fraudulent websites lure victims with very tempting deals that can - of course - only be paid for using certain payments methods – often via cryptocurrency or hard-to-trace payment channels..

If you enter your payment or login details into these sites, you are risking more than just financial losses; you could even lose control over your account or wallet, including any and all transactions made.

Fake websites can also contain malware, such as viruses or trojans, which are installed automatical-ly and secretly after certain triggering actions made by the user. It then steals personal data, ma-nipulates your devices or causes financial harm.

Tips on how to protect yourself

In order to protect yourself from this kind of attack, you should follow a few key safety rules:

• Keep an eye out for suspicious domain names. Carefully check internet addresses for typos or unu-sual spelling.
   
• Never install unknown applications. If a website asks that you download or install an application, be sceptical.
   
• Take browser warnings seriously: modern browsers will often warn you about potentially harmful websites, and you should not ignore them.
   
• Go directly to the website: it’s safer to enter the web address of your bank or other important online accounts directly into your browser’s address bar instead of using search to find it.