As you likely already know, the number of mobile users continues to grow, and search engines have become increasingly mobile-focused/inclusive. As search engines adapt and account for the shift in user behavior to mobile, so do websites and advertisers. And as websites and advertisers optimize and adapt their strategy to target mobile platforms, so do hackers.
Earlier this month, expert cyber security resource, Sucuri released a report regarding the rise in cyber-attacks through mobile platforms. It shows that hackers are taking advantage of the rise in mobile usage by showing users unwanted pop-ups and redirecting them to malicious sites.
This trend in hacking is problematic, because SEO is one of the main reasons this malware targets vulnerable websites. It’s called ‘SEO spam,’ and the dangers of the mobile malware include:
- Allowing attackers to arbitrarily access, read, and interact with emails and backend interfaces
- Stealing data (ex: media files)
- Injecting ads into pages they aren’t supposed to be
- Giving sensitive information from their browsing activity
This is bad for users, because they can potentially install ransomware, unwanted programs, or even have hackers take over their browser and damage your website through the backend. This, of course, is bad for websites, because it costs them the trust and business of their customers.
Even though this particular form of mobile malware is made possible by SEO, it does not mean you should halt your optimization efforts or rule them out of your digital marketing practices. The fact of the matter is that for every practice, action, or existing space online, there is a hacker trying to attack it. This is true for ecommerce sites, social media accounts, content management systems, and every other existing corner of the internet.
Like most things online, the solution to this problem lies within preventative practices and tight security. As a webmaster, site manager, or online business, it’s your responsibility to protect your internet property, as well as the users who visit your site. Some security measures you can take to protect your site, not just from this particular mobile malware, but all malware, are:
- Use Sucuri’s SiteCheck. This tool is tailored to emulate different mobile user agents and warn users about possible issues that may affect your computer when accessing your website (it’s free!).
- Monitor user feedback, questions, and complaints closely. One of the easiest ways you can monitor the security of your site is by keeping tabs on what users have to say about it. If you see lots of complaints about pop ups and redirects, it’s a red flag.
- Sign up for Google Search Console. This is helpful for any and all management or security practices you have. If Google detects any malicious redirects, they’ll send you a message in Search Console.
- Secure your CMS. Whether your website is powered by WordPress or Magento, there are specific actions you can take to ensure the security of both you and your users. Learn more about making your website hacker-proof here.