By manipulating the search engine results, cybercriminals can direct users to websites owned by the attackers. HC3 has seen SEO poisoning used recently and frequently against the U.S. healthcare sector, according to a June 22 HC3 memo.
Threat actors often disguise websites using typos and cramming keywords into a webpage’s text.
“Organizations should carefully check every new domain that is registered on the internet that contains similarities with any of their brands or names,” the HC3 memo said. “As attackers often register domain names that are very similar to the legitimate ones, it is possible to detect them quickly in most cases, immediately analyze the situation, and take action to mitigate the risk.”
