- "기밀 VM의 빈틈을 메운다" 마이크로소프트의 오픈소스 파라바이저 '오픈HCL'란?
- The best early Black Friday AirPods deals: Shop early deals
- The 19 best Black Friday headphone deals 2024: Early sales live now
- I tested the iPad Mini 7 for a week, and its the ultraportable tablet to beat at $100 off
- The best Black Friday deals 2024: Early sales live now
FBI: Cyber-Criminals Are Purchasing Search Engine Ad Services to Launch Attacks
The FBI has warned that cyber-criminals are using search engine advertisement services to defraud the public.
The public service announcement, issued on December 21, 2022, stated that threat actors are purchasing these ad services to impersonate brands for the purpose of luring users to malicious websites.
These sites, which “look identical to the impersonated business’s official webpage,” entice victims to download malware or enter login credentials and financial information.
For example, “in instances where a user is searching for a program to download, the fraudulent webpage has a link to download software that is actually malware.”
The FBI noted that these advertisements are also being used to impersonate websites involved in finances, particularly cryptocurrency exchange platforms.
Search engine advertising services are used by businesses to ensure their ads appear at the very top of search results, with minimum distinction between an advertisement and an actual internet search result. However, the alert said that cyber-criminals are also purchasing these services using a domain that is similar to a real business or service for nefarious purposes.
The law enforcement agency emphasized that while search engine advertisements are not malicious in nature, users should “practice caution when accessing a web page through an advertised link.”
The FBI set out a number of recommended actions for users to take when searching for a business or service online. These are:
- Check the URL for typos before clicking on an advert to ensure the site is legitimate
- Type the business’s URL into an internet browser’s address bar to access the official website directly rather than via a search engine where possible
- Use an ad blocking extension when performing internet searches
The agency also advised businesses to take precautions, such as using domain protection services to notify them when similar domains are registered to prevent domain spoofing and provide education for users on how to detect malicious URLs.
This week, it was reported that a new fraudulent online ad campaign using Google Ads on adult websites may have made its operators hundreds of thousands of dollars per month.