Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach
October 8, 2022
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB worth of documents in a 2022 cyberattack.The threat actors also leaked samples of allegedly stolen files, ...
- Lloyd’s of London reboots after dodgy network activity detected
October 7, 2022
Lloyd’s of London has reset its IT systems and is probing a possible cyberattack against it after detecting worrisome network behavior this week. “Lloyd’s has detected unusual activity on its network and we are investigating the issue,” a spokesperson told The Register on Thursday. “As a precautionary measure, we are resetting the Lloyd’s network and systems. ...
- TOP 10 unattributed APT mysteries
October 7, 2022
Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law enforcement agencies. The reason is that, while in 90% of cases it is possible to understand a few things about the attackers, such as their native language or even location, the remaining 10% can lead ...
- Initial access broker repurposing techniques in targeted attacks against Ukraine
October 7, 2022
As the war in Ukraine continues, TAG is tracking an increasing number of financially motivated threat actors targeting Ukraine whose activities seem closely aligned with Russian government-backed attackers. This post provides details on five different campaigns conducted from April to August 2022 by a threat actor whose activities overlap with a group CERT-UA tracks as ...
- Australian Federal Police arrest man suspected of exploiting Optus cyberattack
October 6, 2022
Aussie police have cuffed a 19-year-old Sydney resident accused of trying to extort money from victims of the recent cyberattack and digital burglary at national telecommunications provider Optus. The Australian Federal Police (AFP) said today it was alerted to the blackmail attempt when some Optus customers were told to transfer AU$2,000 ($1,300) to a bank account ...
- Nonprofit hospital network suffers IT meltdown after ‘security incident’
October 6, 2022
America’s second-largest nonprofit healthcare org is suffering a security “issue” that has diverted ambulances and shut down electronic records systems at hospitals around the country. CommonSpirit Health, a Chicago-based organization that has more than 1,000 facilities and 140 hospitals across 21 states, this week copped to an “IT security issue” affecting “some” of its locations. The ...