Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Two Prudential companies in Malaysia affected by MOVEit data-theft attack
June 13, 2023
Prudential Assurance Malaysia Bhd (PAMB) and Prudential BSN Takaful Bhd (PruBSN) have confirmed that they have been affected by the global MOVEit data-theft attack, “where a zero-day vulnerability was exploited.” The two insurance companies said that as soon as they became aware of the breach, “we took action to isolate the affected server while the incident ...
- MOVEit Vulnerabilities: What You Need to Know
June 12, 2023
Extortion actors have been actively exploiting a recently patched vulnerability in MOVEit Transfer, a file-transfer application that is widely used to transmit information between organizations. The nature of the software affected means that attackers can exploit unpatched systems to mount a supply chain attack against multiple organizations. While the original vulnerability (CVE-2023-34362) was patched on May ...
- UK media watchdog Ofcom data downloaded in cyber-attack
June 12, 2023
Media watchdog Ofcom has confirmed that it is a victim of a cyber-attack by hackers linked to a notorious Russian ransomware group. Confidential data about some companies regulated by Ofcom, and personal information from 412 employees was downloaded during the mass hack. A number of firms, including British Airways, the BBC and Boots, have been affected ...
- Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency
June 12, 2023
Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage ...
- Ireland: Fresh cyber attack impacts HSE
June 9, 2023
The Health Service Executive (HSE) has been impacted by a fresh cyber attack. Work is ongoing to determine the impact on HSE data following the attack which has been as criminal in nature and international in scale. But no patient data is believed to have been accessed at this stage. Read more… Source: The Irish News
- Australian law firm HWL Ebsworth probing hacked data
June 9, 2023
A prominent Australian law firm is investigating claims hackers have published data taken from the company on the dark web. HWL Ebsworth, which has clients at either commercial or government level in every state or territory, on Friday said it had learned of the data release. Read more… Source: The New Daily