This is fuelled by attackers using search engine optimisation (SEO) techniques to improve the ranking of malicious PDF files on popular search engines, the company said. Its findings are part of the latest edition of the Netskope Cloud and Threat Report: Global Cloud and Malware Trends, which examines the past 12 months of malware downloads from the cloud and web.
The top web referrer categories contained some categories traditionally associated with malware, particularly shareware/freeware, but were dominated by more unconventional categories. The ascension of the use of search engines to deliver malware over the past year provides insight into how adept attackers have become at SEO, Netskope said in a statement announcing the findings.
Malicious downloads referred by search engines were predominantly malicious PDF files, including many fake CAPTCHAs that redirected users to phishing, spam, scam and malware websites.
The report also found that most malware over the past 12 months was downloaded from within the same region as its victim, a growing trend pointing to the increasing sophistication of cybercriminals, which more frequently stage malware to avoid geofencing filters and other traditional prevention measures.
“Malware is no longer confined to traditional risky web categories. It is now lurking everywhere, from cloud apps to search engines, leaving organizations at greater risk than ever before,” said Ray Canzanese, threat research director at Netskope.
“To avoid falling victim to these social engineering techniques and targeted attack methods, security leaders must regularly revisit their malware protection strategy and ensure all possible entry points are accounted for.”
Additional findings from the report include trojans continuing to prove effective, accounting for 77 per cent of all cloud and web malware downloads; 47 per cent of malware downloads originate from cloud apps compared to 53 per cent from traditional websites; cloud storage apps continued to be the source of most cloud malware downloads; and Microsoft Office Malware Files have declined to pre-Emotet levels.