The FBI has published a Public Service Announcement (PSA) warning the public that cyber criminal threat actors are actively exploiting search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information.
According to the PSA, “Cyber criminals purchase advertisements that appear within internet search results using a domain that is similar to an actual business or service. When a user searches for that business or service, these advertisements appear at the very top of search results with minimum distinction between an advertisement and an actual search result. These advertisements link to a webpage that looks identical to the impersonated business’s official webpage.” Moreover, when a user is searching for a program to download, the fraudulent webpage has a link to download software that is in reality malware. The download page appears legitimate and the download itself is named after the program the user intended to download. The PSA emphasizes that while search engine advertisements are not malicious in nature, it is important to practice caution when accessing a web page through an advertised link. The PSA lists several methods individuals can take to defend against this activity. To report an incident or file a complaint, visit the FBI’s Internet Crime Complaint Center (IC3). Read the full PSA here.