Cybercriminals constantly develop and enhance their tradecraft to maximize the likelihood of success in their operations. At times, this evolution manifests in an expanded target set, while at other times, it includes changing operational outcomes. However, tradecraft evolution mostly involves revising the TTPs that cyber adversaries deploy. Despite several cybercriminals diligently updating their TTPs, many still rely on different implementations of social engineering to obtain initial access to enterprise and personal networks or to steal sensitive information. Specifically, the threat landscape has witnessed a growing number of malvertising and job recruitment scams over the last four years.
How can enterprises protect their personnel and clients from these attacks? How can cybersecurity practitioners track these campaigns for analysis? Search engine results pages (SERP) are one efficient means to systematically identify and mitigate these threats.
This talk from STRONGER 2024 highlighted how threat actors of varying sophistication are weaponizing malvertising and job recruitment scams in the wild and targeted attacks. The presentation explored how organizations can leverage SERP data to scope for malvertising activity and suspicious job recruiter impersonation for their enterprise. The presentation also addressed opportunities for automating the use cases and discussed the limitations of said opportunities.