Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Rook ransomware is yet another spawn of the leaked Babuk code
December 24, 2021
A new ransomware operation named Rook has appeared recently on the cyber-crime space, declaring a desperate need to make “a lot of money” by breaching corporate networks and encrypting devices. Although the introductory statements on their data leak portal were marginally funny, the first victim announcements on the site have made it clear that Rook is ...
- Honeypot experiment reveals what hackers want from IoT devices
December 22, 2021
A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices. More specifically, the honeypot was meant to create a sufficiently diverse ecosystem and cluster the generated data in a way that determines the goals of adversaries. IoT (Internet of Things) devices are a ...
- PYSA ransomware behind most double extortion attacks in November
December 21, 2021
Security analysts from NCC Group report that ransomware attacks in November 2021 increased over the past month, with double-extortion continuing to be a powerful tool in threat actors’ arsenal. Threat actors’ focus is also shifting to entities belonging to the government sector, which received 400% more attacks than in October. The spotlight in November was stolen by ...
- Russian hackers made millions by stealing SEC earning reports
December 21, 2021
A Russian national working for a cybersecurity company has been extradited to the U.S. where he is being charged for hacking into computer networks of two U.S.-based filing agents used by multiple companies to file quarterly and annual earnings through the Securities and Exchange Commissions (SEC) system. Along with other conspirators, the individual made millions of ...
- After ransomware attack, global logistics firm Hellmann warns of scam calls and mail
December 20, 2021
German logistics giant Hellmann has warned its customers and partners to be on the lookout for fraudulent calls and mail after the company was hit with a ransomware attack two weeks ago. In an update about the cyberattack that initially forced them to remove all connections to their central data center, the company said business operations ...
- Scammers grabbed $7.7 billion worth of cryptocurrency in 2021, say researchers
December 20, 2021
Cryptocurrency-based scammers and cyber criminals netted a whopping $7.7 billion worth of cryptocurrency from victims in 2021, marking an 81% rise in losses compared to 2020, according to blockchain analysis firm, Chainalysis. Some $1.1 billion of the $7.7 billion in losses were attributed to a single scheme which allegedly targeted Russia and Ukraine, it said. “As the ...