Google ad scams

Malwarebytes Labs uncovered a malvertising chain abusing Google’s ad network to redirect visitors to tech support scams. Unsuspecting users searching for popular keywords click an ad and their browser gets hijacked with fake warnings urging them to call rogue Microsoft agents for support.

What makes this campaign stand out is that it exploits a common search behavior when it comes to navigating the web: looking up websites by name instead of entering its full URL in the address bar.

Threat actors are purchasing Google ad space for popular keywords and their associated typos. A common human behavior is to do a quick search to get the website you want without entering its full URL. Typically a user will (blindly) click the first link returned, whether it's an ad or a real search result.

Read the rest of the story at Malwarebytes Labs here.