Cybercriminals are deploying search engine optimization (SEO) tricks to push malicious domains up the Google search rankings, security researchers have discovered.

According to a report from the security team at AT&T, in addition to distributing malware via email campaigns, the operators behind the infamous Sodinokini ransomware are targeting keyphrases commonly punched into Google.