Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into Google sites that install a Remote Access Trojan (RAT) The attack works by leveraging searches for business forms such as invoices, templates, questionnaires, and receipts as a stepping stone toward infiltrating the systems. Researchers from eSentire said it discovered over 100,000 unique web pages that contain popular business terms or keywords such as template, invoice, receipt, questionnaire, and resume, thus allowing the pages to be ranked higher on the search results.
Source: https://thehackernews.com/2021/04/yikes-cybercriminals-flood-intrenet.html