Cyber Criminals Are Impersonating Brands Consumers Trust Using Search Engine Advertisement Services to Defraud The Public
The FBI FBI - Federal Bureau of Investigation
The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, the FBI is also a member of the U.S. Intelligence Community and reports to both the Attorney General and the Director of National Intelligence. A leading U.S. counter-terrorism, counterintelligence, and criminal investigative organization, the FBI has jurisdiction over violations of more than 200 categories of federal crimes, including financial fraud. is warning the public that cybercriminals are using search engine advertisement services to impersonate brands and direct users to malicious fake websites that host ransomware Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies that are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan virus disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction. or steal login credentials and other financial information.
The scammers are actually paying to create these advertisements since the public believes that advertisements are generally not scams. No one can afford to believe that anymore!
How These Scams Work
Cyber criminals purchase advertisements from Google and other search engines (such as Bing, etc) that appear within internet search results using a domain that is similar to an actual business or service (typo domains).
When a user searches for that business or service, these advertisements appear at the very top of search results with a minimal distinction between an advertisement and an actual search result. These advertisements link to a webpage that looks identical to the impersonated business’s official webpage.
In instances where a user is searching for a program to download, an e-commerce store, or something else they want or need are taken to the fraudulent webpage via that advert. If it was for software it has a link to download software that is actually malware Short for "malicious software," this term means computer viruses and other types of programs that cybercriminals use to disrupt or access your computer, typically with the aim of gathering sensitive files and accounts.. The download page looks legitimate and the download itself is named after the program the user intended and expected to download.
These advertisements have also been used to impersonate websites involved in finances, particularly cryptocurrency exchange platforms. These malicious sites appear to be real exchange platforms and prompt users to enter login credentials and financial information, giving criminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues. actors access to steal funds.
NOTE: they tend to be impersonating companies and brands that do little to police the links that appear on search engines. Major brands like COCA-COLA for example, meticulously police their brands looking for fakes.
While search engine advertisements are not malicious in nature, it is important to practice caution when accessing a web page through an advertised link. You are better looking at the add and then looking below for the actual company, brand, or product link.
Tips To Protect Yourself
We recommend individuals take the following precautions:
- Before clicking on an advertisement, check the URL to make sure the site is authentic. A malicious domain name may be similar (can be almost identical) to the intended URL but with typos or a misplaced letter.
- Rather than search for a business or financial institution, type the business’s URL into an internet browser’s address bar to access the official website directly. Except, you have to be careful because a mistyped address can often lead to a fake website too!
- Try searching of the name of the brand or company and add “official website” to the search.
- Use an ad-blocking Blocking is a technical action usually on social media or messaging platforms that restricts or bans another profile from seeing or communicating with your profile. To block someone on social media, you can usually go to their profile and select it from a list of options - often labeled or identified with three dots ••• extension in your browser (EDGE browser has this built-in) when performing internet searches. Most internet browsers allow a user to add extensions, including extensions that block Blocking is a technical action usually on social media or messaging platforms that restricts or bans another profile from seeing or communicating with your profile. To block someone on social media, you can usually go to their profile and select it from a list of options - often labeled or identified with three dots ••• advertisements. These ad blockers can be turned on and off within a browser to permit advertisements on certain websites while blocking advertisements on others.
We also recommend businesses take the following precautions:
- Use domain protection services to notify businesses when similar domains are registered to prevent domain spoofing Spoofing occurs when a caller maliciously transmits false caller ID information to increase the likelihood that you'll answer. Scammers often spoof local numbers, private companies, government agencies and other institutions. It can also apply to pretending to be an email address, or through other media..
- Educate your friends and family, and co-workers about spoofed websites and the importance of confirming destination URLs are correct.
- Educate your friends and family, and co-workers about where to find legitimate downloads for programs provided by a business.