Scammers Use Government Websites to Advertise Hacking Services

Government websites are seen as sources people can trust. However, threat actors use this trust for their harmful purposes. Scammers recently used official websites to advertise their hacking services. This situation shows why businesses should be on the lookout and take more robust computer security measures to avoid being affected by this type of risk.

Hackers Use Flaws to Spread SEO Spam

Scammers found weaknesses in US government websites and used them to upload advertisements for their hacking services. A federal agency and several universities were also affected.

The ads were disguised as PDFs and offered hacking services for sale. There were links to websites showing different hacked social media accounts. They also provided services for fake followers and video game cheating. The ads were selling "easy and safe" hacking solutions that had no hidden goals. The people whose accounts were hacked even had names and images on some of the websites. Based on the PDF file dates, those ads have likely been there for some time.

According to experts, the hackers have used open-source software, which can be used to create popups that make sure website visitors are real people. Due to security flaws, the SEO PDF ads surfaced on official websites. It seems like the hacking services advertised were made up as part of a click fraud campaign to get users' money.

While this complex attack went undetected for a while, it could have been worse. Instead of trying to sell scam services, the criminals could have uploaded infected links or content to the PDFs. It could have led to a massive data breach and other permanent consequences. For that reason, businesses should be aware of website weaknesses that can host SEO spam.

A Call for Businesses to Prevent Security Problems

Cybercriminals take advantage of any flaws. Businesses need to be aware of possible weaknesses, fix them, and use strong security measures. To build a solid defense, businesses must train their staff members to avoid these threats. Because scammers and hackers can affect their customers and clients, taking the necessary measures against them is vital. 

Used with permission from Article Aggregator

Previous
Previous

SCAM OF THE WEEK: Call 800-Cybercriminal

Next
Next

SCAM OF THE WEEK: Getting Chummy with Pretexting