Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Microsoft confirms it was breached by hacker group
March 23, 2022
Microsoft has confirmed it was breached by the hacker group Lapsus$, adding to the cyber gang’s growing list of victims. In a blog post late Tuesday, Microsoft said Lapsus$ had compromised one of its accounts, resulting in “limited access” to company systems but not the data of any Microsoft customers.” Our cybersecurity response teams quickly engaged to ...
- Corrupted open-source software enters the Russian battlefield
March 22, 2022
It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, it took a darker turn: It began destroying computers’ file systems. To be exact, Miller added ...
- More Conti ransomware source code leaked on Twitter out of revenge
March 20, 2022
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine. Conti is an elite ransomware gang run by Russian-based threat actors. With their involvement in developing numerous malware families, it is considered one of the most active cybercrime ...
- How hackers are trying to undermine Putin
March 20, 2022
The Anonymous hacktivist collective has been bombarding Russia with cyber-attacks since declaring “cyber war” on President Vladimir Putin in retaliation for the invasion of Ukraine. Several people operating under its banner spoke to the BBC about their motives, tactics and plans. Of all the cyber-attacks carried out since the Ukraine conflict started, an Anonymous hack on ...
- New Browser-in-the-Browser attack could be used for phishing
March 18, 2022
A novel way of tricking people out of their passwords has left us wondering if there’s a need to rethink how much we trust our web browsers to protect us and to accelerate efforts to close web security gaps. Earlier this week, an infosec researcher known as mr.d0x described a browser-in-the-browser (BitB) attack. It’s a way ...
- Exotic Lily: Exposing initial access broker with ties to Conti
March 18, 2022
In early September 2021, Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444). Investigating this group’s activity, we determined they are an Initial Access Broker (IAB) who appear to be working with the Russian cyber crime gang known as FIN12 (Mandiant, ...