Be very careful when searching for Amazon-related goods on Google - cybersecurity researchers are warning that instead of landing on web store, you might end up visiting a malicious website that locks your browser.
For many people, Google’s search engine is their home page, and instead of typing in known addresses in the address bar, would simply search for the site on Google and click on the top-first result.
However, years ago, Google reserved the top spot for ads - the first result usually has the disclosure announcement “sponsored”. And now it seems threat actors have successfully exploited this feature to lure victims into their trap.
Fake tech support
Given the overwhelming popularity of Google’s search engine with internet users, cybercriminals who mange to implant a fake ad at the top of results pages have a good chance of catching them out.
Now, BleepingComputer has reported of such a campaign that targeted would-be visitors of Amazon. Typing in the keyword in Google brings up an ad, seemingly from the online shop and even showing the company’s legitimate URL.
> A global ad fraud campaign based on Google Ads has made millions
> This Google Ads campaign pushes malware that your antivirus can't pick up
> Here's our rundown of the best antivirus programs
But clicking on the link does not redirect the victim to Amazon’s website, but rather to a fake tech support site, displaying a fraudulent alert from Microsoft Defender that claims the computer is infected with malware.
These scams, the publication explains, automatically go into full-screen mode, and the only way to shut the browser down is to terminate the process via the Task Manager. However, upon restart, users get prompted to restore previously closed pages which only brings the victims back to the tech support scam page.
Google is usually good at spotting fake and malicious ads and moves quickly to remove them from its network. However, some do make it through. Both Google and Amazon are currently silent on the matter, although this campaign is a good warning sign that even the best companies should not be trusted blindly.
- Here's our take on the best firewalls today
Via: BleepingComputer