Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Cloudflare says it stopped the largest DDoS attack ever reported
August 27, 2021
Cloudflare said it’s system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded. Cloudflare’s Omer Yoachimik explained in a blog post that the company serves over 25 million HTTP requests per second on average ...
- Ransomware: It’s only a matter of time before a smart city falls victim, and we need to take action now
August 27, 2021
Ransomware attacks are going to get worse – and one could eventually take out the infrastructure of an entire 5G-enabled smart city, a cybersecurity expert has warned. Cyber criminals deploying ransomware regularly target government services. Not only do public sector IT budgets mean networks are less secure against attacks, but said networks are also used to ...
- Ragnarok ransomware releases master decryptor after shutdown
August 26, 2021
Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware. The threat actor did not leave a note explaining the move; all of a sudden, they replaced all the victims on their leak site with a short instruction on how to decrypt files The leak ...
- FBI releases alert about Hive ransomware after attack on hospital system in Ohio and West Virginia
August 26, 2021
The FBI has released an alert about the Hive ransomware after the group took down Memorial Health System last week. The alert explains that Hive is an affiliate-operated ransomware first seen in June that deploys “multiple mechanisms to compromise business networks, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol to move ...
- New Campaign Sees LokiBot Delivered Via Multiple Methods
August 25, 2021
Trend Micro researchers recently detected an aggressive malware distribution campaign delivering LokiBot via multiple techniques, including the exploitation of older vulnerabilities. This blog entry describes and provides an example of one the methods used in the campaign, as well as a short analysis of the payload. We found that one of the command-and-control (C&C) servers ...
- Worldwide Phishing Attacks Ramped Up At the Peak of Working From Home
August 25, 2021
With more and more companies choosing to allow for flexible (hybrid/remote) work environments post-pandemic, we investigated the unique cyberthreats employees working from home face. Palo Alto analysis focused primarily on trends in Palo Alto firewall traffic and phishing pages detected by our URL Filtering service from September 2019 to April 2021. We found that in early ...