Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a sponsored search result on Google.
In the latest example of this type of scam, we found tech support scammers hijacking the results of people looking for 24/7 support for Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a major brand. Often, this ad leads people to a fake website. However, in the cases we recently found, the visitor is taken to the legitimate site with a small difference.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- New RegretLocker ransomware targets Windows virtual machines
November 3, 2020
A new ransomware called RegretLocker uses a variety of advanced features that allows it to encrypt virtual hard drives and close open files for encryption. RegretLocker was discovered in October and is a simple ransomware in terms of appearance as it does not contain a long-winded ransom note and uses email for communication rather than a ...
- Cybersecurity threats to corporate America are present now ‘more than ever,’ SEC chair says
November 2, 2020
Securities and Exchange Commission Chairman Jay Clayton is telling corporate America it needs to get much more vigilant on security. In an interview Monday on CNBC’s “Power Lunch,” stressed that significant cybersecurity threats remain, despite the ongoing coronavirus pandemic and election season. “Cyber risks have not gone away with the unfortunate, unforeseen risks we’ve faced with ...
- Hacker is selling 34 million user records stolen from 17 companies
October 31, 2020
A threat actor is selling account databases containing an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches. On October 28th, a data breach broker created a new topic on a hacker forum to sell the stolen user databases for seventeen companies. In a conversation with BleepingComputer, the ...
- Wroba Mobile Banking Trojan Spreads to the U.S. via Texts
October 30, 2020
The Wroba mobile banking trojan has made a major pivot, targeting people in the U.S. for the first time. According to researchers at Kaspersky, a wave of attacks are taking aim at U.S. Android and iPhone users in an effort that started on Thursday. The campaign uses text messages to spread, using fake notifications for “package ...
- Lazada confirms 1.1M accounts compromised in RedMart security breach
October 30, 2020
Singapore-based online grocery platform RedMart has suffered a data breach that compromised personal data of 1.1 million accounts. An individual has claimed to be in possession of the database involved in the breach, which contains various personal information such as mailing addresses, encrypted passwords, and partial credit card numbers. RedMart customers on Friday were logged out ...
- REvil ransomware gang claims over $100 million profit in a year
October 29, 2020
REvil ransomware developers say that they made more than $100 million in one year by extorting large businesses across the world from various sectors. They are driven by profit and want to make $2 billion from their ransomware service, adopting the most lucrative trends in their pursuit of wealth. Read more… Source: Bleeping Computer