Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- FIN7 Capitalizes on Windows 11 Release in Latest Gambit
September 3, 2021
The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows. That’s according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing “Windows 11 Alpha” – the “Insider Preview” version of the upcoming Windows 11 operating system ...
- Confessions of a ransomware negotiator: Well, somebody’s got to talk to the criminals holding data hostage
September 3, 2021
Many people outside of IT believe computers will do away with jobs, but the current ransomware plague shows that new and more curious kinds of jobs are created at least as fast. So what sort of background sets you up to talk to people holding your data for ransom? To find out, The Reg talked to ...
- QakBot technical analysis
September 2, 2021
QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a decade. It was found in the wild in 2007 and since then it has been continually maintained and developed. In recent years, QakBot has become one of the leading banking Trojans around the globe. Its main purpose is ...
- UK VoIP telco receives ‘colossal ransom demand’
September 2, 2021
Two UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive DDoS attacks. South Coast-based Voip Unlimited has confirmed it has been slapped with a “colossal ransom demand” after being hit by a sustained and large-scale DDoS attack it believes originated from the Russian cybercriminal gang REvil. This morning, it ...
- Dissected: A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims
September 2, 2021
A dropper-as-a-service, which cyber-crime newbies can use to easily get their malware onto thousands of victims’ PCs, has been dissected and documented this week. A dropper is a program that, when run, executes a payload of malicious code. The dropper is similar to a trojan, and it can sometimes have other functionality, but its main purpose ...
- Scam artists are recruiting English speakers for business email campaigns
September 1, 2021
Native English speakers are being recruited in their droves by criminals trying to make Business Email Compromise (BEC) more effective. BEC schemes can be simple to execute and among the most potentially devastating for a business, alongside threats such as ransomware. A BEC scam will usually start with a phishing email, tailored and customized depending on the ...