PDF documents are using PDF files to stuff keywords to get higher search rankings
Cyber scammers are constantly trying to get their malicious websites to rank higher with Google Search. They have started using a new method which allows them to gain higher rank among the Google Search results. They are using PDF files to go around the cloaking-detection mechanism that have been put in place by Google. It has been uncovered that hundreds of thousands of unique PDF fails, stuffed with keywords, are exploiting this circumventing mechanism.
“Cloaking” Is Done by Stuffing Keywords into a PDF
Although Google is constantly trying to discover new ways in which websites are trying to exploit their search algorithms to rank higher in the search engine. “Cloaking” can be used by legitimate websites, as well as by malicious ones. This is done by stuffing keywords into a PDF. SEO practitioners use this to trick Googlebot into believing that the content on their websites are related to trending topics, which should earn them a spot on the first pages of the search results.
Even though Google has installed security measures that prevent cloaking through fake HTML pages, they have yet to introduce a solution for the process using PDF files.
The Problem with Google’s Security Protocols
There is a really large problem with Google’s security protocols, which lies in the fact that it trust PDF files way more than HTML pages, but as you can see, the PDF files can be used in the same way to exploit its algorithms. For some reason Google also trusts websites with domains ending in .edu and .gov rather than commercial web pages that end in .com for instance. Jedoch, the former can also be used for malicious purposes.
Users Can Be Misled
Seeing a page rank high on Google Search can fool users into thinking that it is legitimate. Jedoch, because of PDF cloaking, this may not be the case. And if they go to a website that is exploiting Google’s algorithms, then this can have some dire consequences for their system’s security. Their PC can become a target for cyber-attacks, for instance.
For now, there have been no report of such an instance, but this does not mean that it will not happen at some point in the future. Google has already been informed of this circumventing mechanism. Zur Zeit, they have not released any kind of statement, but being the tech giant that they are, they are sure to be working on ways to tighten up their security.