Scammers have long used cloaking as a technique to drive up search engine rankings, stuffing webpages full of keywords and links that make them attractive to Google, but not to actual readers.
Google wised up and those tactics became ineffective. But, according to a new report from SophosLabs, there is one twist on cloaking that still works, and that is to stuff those keywords and links into PDF documents instead.
“It is our supposition that Google has not protected PDFs from this type of search engine poisoning the same way it has with HTML files,” said Maxim Weinstein, security adviser at Sophos.
According to Weinstein, SophosLabs noticed the PDF cloaking a few days ago, and hundreds of thousands of fake PDF documents have been appearing daily since then.