FBI issues threat alert on cyber criminals impersonating brands and defrauding users with search engine ads

Share post:

The Federal Bureau of Investigation (FBI) has issued a new threat alert about cyber criminals impersonating brands and using search engine advertisement services to defraud users.

The December 21, 2022, public service announcement stated that threat actors are purchasing these ad services to impersonate brands in order to lure users to malicious websites.

These sites, which “look exactly like the impersonated business’s official webpage,” tempt victims to download malware or enter login credentials and financial information, the FBI said.

Cyber criminals buy ads that appear in web search results by using a domain that looks similar to a legitimate business. These advertisements link to a webpage that is identical to the impersonated business and contains links to download malware-infected software. The download page appears to be legitimate, and the download is named after the program that the user intended to download. These cyberattack methods have also been used to impersonate financial websites, particularly cryptocurrency exchange platforms.

The FBI then advises users to verify the URL before clicking, to type the business url directly into the search engine rather than looking up the business, and to install an ad blocking extension.

The sources for this piece include an article in ic3.

SUBSCRIBE NOW

Related articles

Sleeper Supply Chain Attack Activates After 6 Years

A coordinated supply chain attack has compromised between 500 and 1,000 e-commerce websites by exploiting vulnerabilities in 21...

Russian-Controlled Open Source Tool Raises Alarms Over U.S. Cybersecurity

A widely used open-source Go library, easyjson, used in healthcare, finance and even defence has come under scrutiny...

Signal Archiving Tool Used By Trump Admin Is Breached, Raising Alarms Over Messaging Security (EDITORIAL)

(EDITORIAL) A messaging tool used by Trump administration officials to archive encrypted Signal messages has been hacked —...

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways