Phishing is prime time: Hackers use trusted websites to hijack search rankings

The operation appears to be highly organized, with groups such as “Neon SEO Academy” and “Seolink” providing illegal SEO services for phishing and online casino fraud. Since search engine providers are still in darkness, the operation has been rooted in Türkiye, where it has promoted illegal business.

“So far, most of the activities seem to be focused on the Turkish market surrounding online gambling and escort services,” Sebborn added. “As for search engines, there are no clear signs that they have received notifications about these activities or their reactions. At this point, there seems to be no public effort or statement about their addressing this misuse of rankings.”

Chris Gray, the live CTO of DeepWatch, believes SEO poisoning operations such as Hacklink will be spread throughout the phishing and Smshing campaign. “It is estimated that more than trillions of phishing emails will be sent this year, and these attacks are expected to involve 36% of all data breaches,” Gray added. “SEO poisoning does not necessarily mean that these attacks will be more successful, but it does mean that even legitimate communications are more likely to include malicious contacts.”