Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Olympus US systems hit by cyberattack
October 12, 2021
Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) following a cyberattack that hit its network Sunday, October 10, 2021. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority ...
- Cyberattack shuts down Ecuador’s largest bank, Banco Pichincha
October 12, 2021
Ecuador’s largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline. The cyberattack occurred over the weekend, causing the bank to shut down portions of their network to prevent the attack’s spread to other systems. Read more… Source: Bleeping Computer
- Pacific City Bank discloses ransomware attack claimed by AvosLocker
October 11, 2021
Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. The bank is circulating notices to inform its clients of a security breach it identified on August 30, 2021, which they claim to have addressed promptly. Read more… Source: Bleeping Computer
- Ukrainian police arrest DDoS operator controlling 100,000 bots
October 11, 2021
Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. DDoS for hire The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients. This activity included ...
- Ransomware in the Commonwealth of Independent States
October 7, 2021
These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. In 2020–2021, with the outbreak of the pandemic and the emergence of several major cybercriminal groups (Maze, REvil, Conti, DarkSide, Avaddon), an entire criminal ecosystem took shape, leading to a mounting worldwide wave of attacks on large organizations with pockets deep ...
- SilverTerrier – Nigerian Business Email Compromise
October 7, 2021
Business email compromise (BEC) remains the most common and most costly threat facing our customers. The year 2020 marked the fifth year in which these schemes held the top position on the annual FBI Internet Crime Complaint Center (IC3) report. Over half a decade, global losses ballooned from $360 million in 2016 to a staggering ...