The FBI is warning the public that cybercriminals are impersonating brands via search engine ad. (Photo by Chip Somodevilla/Getty Images)The FBI issued a public service announcement warning that cybercriminals are impersonating brands via search engine advertisements to direct users to malicious sites.According to the Dec. 21 PSA, the sites host ransomware and steal login credentials, and other financial information, particularly for cryptocurrency platforms.The cybercriminals purchase the ads to appear within search results using domains that are similar to an actual business, but link to a webpage that looks identical to the legitimate business page.
If a user is searching for a program to download, the fraudulent page links to malware instead. For instances when a site impersonates financial organizations, particularly crypto exchanges, the sites prompt users to enter login credentials and financial information.The FBI recommends:
Make user the URL is authentic and without typos.
Type in the business’s URL instead of searching.
Using an ad blocking extension.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.
Such an intrusion was claimed to have resulted in the erasure of user accounts and the locking of administrative accounts, with Tooda hackers alleging the release of Doxbin admins' personal information and a blacklist of individuals who had paid for the data to be removed from the site while threatening to expose a user database with almost 136,000 username and email pairs.
Attacks involved the delivery of malicious emails warning travelers of potential denied entry due to incomplete immigration requirements that include a link redirecting to a fake government portal-spoofing website facilitating login credential and payment data theft, a report from Cofense revealed.