Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Major Cyber Insurance Overhaul Begins Now
April 9, 2023
One thing is clear about cyber insurance in the spring of 2023: The status quo is not sustainable. And now, Lloyd’s of London, a major player in the global insurance market, is calling for dramatic changes in the cyber insurance market. According to The Financial Times (FT), “From next month, Lloyd’s will require the dozens of ...
- Money Message ransomware gang claims MSI breach, demands $4 million
April 7, 2023
Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with ...
- Genesis Market Disrupted in International Cyber Operation
April 6, 2023
U.S. Attorney Gregory J. Haanstad for the Eastern District of Wisconsin joined the Attorney General and other Justice Department officials in announcing a coordinated international operation that resulted in the dismantlement of Genesis Market, a criminal marketplace accessible on the dark web and clear web that advertised and sold packages of account access credentials – ...
- Typhon info-stealing malware devs upgrade evasion capabilities
April 5, 2023
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as ‘Typhon Reborn V2’ They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022. Cyble Research Labs analyzed it at the ...
- UK criminal records office suffers two-month “cyber security incident”
April 5, 2023
The UK’s national office for managing criminal record information (ACRO) has confirmed it’s currently trying to recover from a two-month “cyber security incident”. Few details were revealed by the organisation and other authorities, other than that the attack took place between 17 January and 21 March 2023. Read more… Source: IT Pro
- New Rorschach ransomware is the fastest encryptor seen so far
April 4, 2023
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities observed is the encryption speed, which, according to tests from the researchers, would make Rorschach the fastest ransomware threat today. Read more… Source: Bleeping Computer