Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers
January 24, 2022
A new .NET malware packer being used to deliver a variety of remote access trojans (RATs) and infostealers has a fixed password named after Donald Trump, giving the new find its name, “DTPacker.” DTPacker was discovered by researchers at Proofpoint who, since 2020, have observed it being used by several threat actors in campaigns targeting hundreds ...
- Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
January 24, 2022
While monitoring of the LockBit ransomware’s intrusion set, Trend Micro researchers found an announcement for LockBit Linux-ESXi Locker version 1.0 on October 2021 in the underground forum “RAMP,” where potential affiliates can find it. This signifies the LockBit ransomware group’s efforts to expand its targets to Linux hosts. Since October, we have been seeing samples ...
- Malicious PowerPoint files used to push remote access trojans
January 24, 2022
Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. According to a report by Netskope’s Threat Labs shared with Bleeping Computer before publication, the actors are using PowerPoint files combined with legitimate cloud services that host the ...
- Japan’s Supreme Court rules cryptojacking scripts are not malware
January 21, 2022
A man found guilty of using the Coinhive cryptojacking script to mine Monero on users’ PCs while they browsed the web has been cleared by Japan’s Supreme Court on the grounds that crypto mining software is not malware. Tokyo High Court ruled against the defendant, 34-year-old Seiya Moroi, on charges of keeping electromagnetic records of an ...
- Indonesia c.bank says ransomware attack did not impact services
January 20, 2022
Indonesia’s central bank said on Thursday that it had been attacked last month by ransomware, but the risk from the attack had been mitigated and did not affect its public services. “We were attacked, but so far so good as we took anticipatory measures and most importantly public services at Bank Indonesia were not disrupted at ...
- SEC Filing Reveals Fortune 500 Firm Targeted in Ransomware Attack
January 20, 2022
Fortune 500 integrated services firm R.R.Donnelley & Sons (RRD) is the latest victim of the hacking collective known as the Conti Group. According to regulatory disclosures RRD was the victim of a network breach that resulted in stolen data in December. RRD, a global firm with 33,000 employees, disclosed incident details in its U.S. Securities and ...