Threat Awareness – Tech Support Scam Highlights Dangers of Trusting Google Ads

Bleeping Computer has written an article discussing a recently discovered campaign utilizing Google ads to deliver technical support scams to victims, highlighting the continuing threat of malvertising.

Malvertising, a form of SEO poisoning, is when threat actors abuse search engine advertisements to impersonate brands and direct users to malicious sites that can compromise devices by delivering ransomware and other forms of malware. Bleeping Computer researchers discovered the scam after stumbling across a Google ad that appeared to contain a legitimate Amazon URL that, in reality, redirected users to a tech support scam site that automatically goes into full screen mode in order to trap less technically proficient victims. A similar campaign was discovered in 2022. These sorts of attacks depend upon Google making it easy for advertisers to impersonate other companies URLs, where they appear legitimate. Members are suggested to use this and similar campaigns to educate employees on the risks of trusting Google ads.

To protect against malvertising, members are encouraged to review CISA’s CAPACITY ENHANCEMENT GUIDE Securing Web Browsers and Defending Against Malvertising for Non-Federal Organizations. Read more at Bleeping Computer.