When searching the Internet, it is important to make sure that the link you click is a legitimate web page. Cybercriminals are becoming increasingly sophisticated not only with the tools at their disposal to get access to your personal data, but also how they trick victims into opening their door.

Sophosa cyber security firm, warns cat lovers to be careful when searching for information online. Specifically, enter six words into your engine. search and then “click on malicious adware or links disguised as legitimate marketing or, in this case, a legitimate Google search.” This could lead to your information being stolen. personal information such as bank details.

These are the 6 words you shouldn’t type if you don’t want your computer hacked

Earlier this year, a new GootLoader variant was detected which led to a large threat hunting campaign by Sophos X-Ops Managed Detection and Response (MDR). As is usually the case with a Gootloader, which is a type of malware, it has been found to use Search Engine Optimization (SEO) poisoning. This is a technique to place malicious websites in the ranking of web search results, which entices unwitting victims to click on the link.

The exact six words in question are “Are Bengal cats legal in Australia?” Those who clicked on fraudulent links resulting from this specific search reported having their personal information stolen.

Generally, the website will be proportional to the information the person is looking for, usually contracts or other legal or financial documents. During the MDR investigation “The threat actor was using SEO poisoning through an easily accessible online forum found with a simple Google search.”

User searched “Do you need a license to own a Bengal cat in Australia” which resulted in a malicious URL appearing first in search results list explained Sophos. After the user clicked on the link, they downloaded a .zip file that started the first phase of the hack. In the case of a particular user described in the report, the third stage, the full implementation of the malware tools, was not successful.

The cyber security firm advises that “users should keep looking for search results and search ads that seem too good to be true on domains that are off the beaten path.”