The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. The sites host ransomware and are used to steal login credentials and other financial information from users.
Crooks purchase advertisements through search engine advertisement services, feds observed threat actors using a domain that is similar to an actual business or service. When online users search for that business or service, advertisements appear at the top of search results produced by the search engine. The advertisements link to a webpage that impersonated a legitimate business.
“In instances where a user is searching for a program to download, the fraudulent webpage has a link to download software that is actually malware. The download page looks legitimate and the download itself is named after the program the user intended to download.” reads the advisory published by the FBI.
The advertisements impersonate websites of financial organizations and cryptocurrency exchange platforms. The landing websites were designed to prompt users to enter login credentials and financial information.
Below are the recommendations provided by the FBI to online users:
The FBI also recommends businesses to:
(SecurityAffairs – hacking, search engine advertisement services)