Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024
  • Security & Privacy News

    Watch out - that Amazon or Microsoft ad could just be malware

    aum

    By aum,
    Published Date:

    • 264 views
    • 2 minutes
     Share
    • 264 views
    • 2 minutes

    Just because an ad is on Google, it doesn't mean it's clean

     

    Advertising fraud on trusted internet platforms such as Google is on the rise again, according to a new report from Malwarebytes.

     

    In a blog post, Jérôme Segura, Senior Threat researcher at the company explained how criminals abuse legitimate advertising services to get malicious links in front of unsuspecting victims.

     

    As it turns out, the criminals are able to buy ad space on Google Ads, for example, which ensures that their ad will show up at the very top of Google’s Search Engine Results Pages (SERP).

     

    Fake ads

     

    The scammers would then create a fake ad for a popular company with millions of monthly searches, such as Amazon, for example.

     

    Given that people usually click on whatever link shows up at the top of the SERPs, the researcher claims, having a malicious link appear there is very dangerous.

     

    These ads, which impersonate major brands, are done in a way that bypasses Google’s filtering mechanisms and are even able to display legitimate links. In a screenshot showing one such example, the legitimate Amazon link is clearly visible, even though that’s not the website the victim ends up visiting, should they click the ad.

     

    The victims that end up clicking the ad are usually shown a fake antivirus scan claiming their computer has a virus and needs to be cleaned with the help of a professional. The “professional” would then usually trick the victim into downloading remote desktop solutions, which opens the doors for countless other malware. In other instances, the victims would be shown a landing page mimicking the login prompt for popular services such as Amazon, Microsoft, or Google.

     

    Tackling the issue isn’t that straightforward, the researcher also says, describing malvertising as “a complex issue” that generates billions of daily ad impressions. Still, the best way forward is for businesses to educate their employees and users about malvertising.

     

    Still, “we can't blame them for clicking on paid ads that are supposedly verified as trusted,” he concludes.

     

    Source

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...