Google ads malvertising

Normally, if you know what you’re doing on the internet, you’d be able to keep yourself pretty safe from malware attacks or scams. But cybercriminals are coming up with a new ingenious tactic of hooking victims, which is by using Google’s own advertising system.

The idea behind this method of scam makes sense. After all, whenever you type in, for example, YouTube in a browser search bar, Google will more often than not put an ad for the YouTube home page at the very top of the search results. The actual link to the same page will appear immediately below, and clicking both brings you to the same page anyway.

That is of course assuming that you’ve clicked on a genuine “ad”. Click on a fake one, and chances are you’ll get redirected to a fake tech support page pretending to be a security alert from Windows Defender. This even comes with a number for you to call to get “help” from.

BleepingComputer went along with the scam attempt for a bit, and reports that the “support technician” prompted the download and installation of TeamViewer, a remote access and remote control software. From there, it’s more than likely that the cybercriminals will install some form of malware in the guise of “fixing” the issue.

Cybersecurity firm Malwarebytes, which first discovered the “malvertising” campaign, has since published a detailed blog post about this new attack vector. In addition to YouTube, the cybercriminals also made use of other popular searches like Facebook, Amazon and Walmart.

Despite only being recently reported, Malwarebytes estimates that this malvertising campaign is actually a few weeks old. And while no numbers are available as to the number of victims, they’re likely to be pretty high. After all, this method not only makes use of Google ads which often come before actual search results, but also utilises popular search terms, two of which have global reach.

(Source: Malwarebytes [1], [2], BleepingComputer via TechRadar)

The post Cybercriminals Using Google Ads To Scam Victims appeared first on Lowyat.NET.