Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Legion: New hacktool steals credentials from misconfigured sites
April 13, 2023
A new Python-based credential harvester and SMTP hijacking tool named ‘Legion’ is being sold on Telegram that targets online email services for phishing and spam attacks. Legion is sold by cybercriminals who use the “Forza Tools” moniker and operate a YouTube channel with tutorials and a Telegram channel with over a thousand members. Read more… Source: Bleeping Computer
- Following the Lazarus group by tracking DeathNote campaign
April 12, 2023
The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. Kaspersky researchers have previously published information about the connections of each cluster of this group. In this blog, Kaspersky focus on an active cluster that they dubbed DeathNote because the malware responsible for downloading additional payloads is named Dn.dll or Dn64.dll. This threat is ...
- DDoS attacks shifting to VPS infrastructure for increased power
April 12, 2023
Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers (VPS). According to internet security company Cloudflare, the newer generation of botnets gradually abandoned the tactic of building large swarms of individually weak IoT devices and are now shifting ...
- Latitude Financial refuses to pay cyber-attack ransom demands
April 11, 2023
Finance company Latitude Financial says it will not give in to ransom demands by cyber criminals behind one of Australia’s largest cyber-attacks. Almost 8 million driver’s licenses of Australian and New Zealand customers have been stolen including more than 6 million customer records. Read more… Source: MSN News
- Microsoft, Fortra are this fed up with cyber-gangs abusing Cobalt Strike
April 10, 2023
Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company’s Cobalt Strike software to distribute malware. Microsoft’s Digital Crimes Unit (DUC), Fortra, and Health Information Sharing and Analysis Center (Health-ISAC) filed a 223-page complaint against multiple groups known to have used older and altered versions of Cobalt Strike in ...
- Criminals Pose as Chinese Authorities to Target US-based Chinese Community
April 10, 2023
The FBI warns of criminal actors posing as Chinese law enforcement officials or prosecutors in financial fraud schemes targeting the US-based Chinese community. Criminals tell victims they are suspects in financial crimes and threaten them with arrest or violence if they do not pay the criminals. Criminals exploit widely publicized efforts by the People’s Republic ...