Scammers hijack websites of popular brands to insert fake phone number


Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.

In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.

Source: Malwarebytes Labs

