Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Europol: World’s Largest Illegal Dark Web Marketplace Taken Down
January 12, 2021
DarkMarket, the world’s largest illegal marketplace on the dark web, has been taken offline in an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the United Kingdom (the National Crime Agency), and the USA (DEA, FBI, and IRS). Europol supported the takedown with specialist operational analysis and coordinated the cross-border collaborative effort of the countries ...
- New Zealand Reserve Bank breached using bug patched on Xmas Eve
January 12, 2021
A recent data breach at the Reserve Bank of New Zealand, known as Te Pūtea Matua, was caused by attackers exploiting a critical vulnerability patched the same day. Over the weekend, the Reserve Bank disclosed that they suffered a data breach after an attacker hacked a third-party file sharing service containing sensitive data. In a new advisory ...
- Free decrypter released for victims of Darkside ransomware
January 11, 2021
Cybersecurity firm Bitdefender has released today a free tool that can help victims of the Darkside ransomware recover their encrypted files for free, without paying the ransom demand. The tool, available for download from the Bitdefender site, along with usage instructions, gives hope to companies that had important files locked and ransomed by one of today’s ...
- UK: Fake NHS text asks for bank details in return for coronavirus vaccine
January 8, 2021
People are being warned about a fake NHS text which is demanding bank details from people waiting for a coronavirus vaccine. Liverpool City Council said in a “scam alert” that the message had been “circulating”, advising people they were eligible for a COVID-19 jab. The National Police Chiefs’ Council (NPCC) also tweeted a warning, reminding those waiting ...
- Adversary Infrastructure Report 2020: A Defender’s View
January 8, 2021
Recorded Future tracks the creation and modification of new malicious infrastructure for a multitude of post-exploitation toolkits, custom malware frameworks, and open-source remote access trojans. The effort has been ongoing since 2017, when Insikt Group created methodologies to identify the deployments of open-source remote access trojans (RATs). Recorded Future collected over 10,000 unique command and control ...
- TA551: Email Attack Campaign Switches from Valak to IcedID
January 7, 2021
TA551 (also known as Shathak) is an email-based malware distribution campaign that often targets English-speaking victims. The campaign discussed in this blog has targeted German, Italian and Japanese speakers. TA551 has historically pushed different families of information-stealing malware like Ursnif and Valak. After mid-July 2020, this campaign has exclusively pushed IcedID malware, another information stealer. This ...