Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Australian horse riding organisations caught up in cyber attack impacting 10,000 people
July 6, 2023
Cyber criminals have targeted yet another Australian small business by stealing and leaking the data of 10,000 people. Last month, the data of a little-known company called Event Secretary was published on an online forum. Unfortunately, Event Secretary was the platform that several major Australian horse riding organisations used to book and enter into equestrian competitions ...
- Japan’s biggest port hit by suspected cyberattack, operations halted
July 5, 2023
The Port of Nagoya, Japan’s largest port by total cargo throughput and responsible for handling some of Toyota Motor Corp.’s car exports, has suffered a crippling system glitch, with the port operator saying Wednesday it suspects a cyberattack. As of noon, the port in central Japan remained unable to load and unload containers from trailers. Police ...
- TSMC discloses data breach from LockBit-claimed attack against third party
July 4, 2023
Major Taiwanese multinational chip manufacturing firm Taiwan Semiconductor Manufacturing Company has confirmed experiencing a data breach as a result of a cyberattack against Kinmax, which is one of its IT hardware suppliers, before the end of June, reports The Record, a news site by cybersecurity firm Recorded Future. Such a disclosure comes after the LockBit ransomware ...
- Microsoft Denies Major 30 Million Customer-Breach
July 4, 2023
Microsoft has hit back at claims from a shadowy hacktivist outfit that it managed to breach the company and obtain account access for tens of millions of customers. Anonymous Sudan, which has been linked in the past to pro-Kremlin groups like Killnet, posted the details of its alleged raid on Telegram. Read more… Source: Infosecurity Magazine
- Chinese threat actors targeting Europe in SmugX campaign
July 3, 2023
In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, ...
- ‘Pay and benefits compromised’ in Dublin Airport cyber attack
July 3, 2023
The pay and benefits details of nearly 2,000 staff members of daa, which operates Dublin Airport, were compromised due to a recent cyber attack on professional service provider Aon, the Sunday Times reported. A spokesperson said that as a result of a recent cyber attack on Aon, a third-party provider, data relating to some employees’ pay ...