The Federal Bureau of Investigation (FBI) this week raised the alarm on cybercriminals impersonating brands in advertisements that appear in search engine results. The agency has advised consumers to use ad blockers to protect themselves from such threats.
The attackers register domains similar to those of legitimate businesses or services and use those domains to purchase ads from search engine advertisement services, the FBI says in an alert.
These nefarious ads are displayed at the top of the web page when the user searches for that business or service, and the user might mistake them for an actual search result.
Links included in these ads take users to pages that are identical to the official web pages of the impersonated businesses, the FBI explains.
If the user searches for an application, they are taken to a fake web page that uses the real name of the program the user searches for, and which contains a link to download software that is, in fact, malware.
“These advertisements have also been used to impersonate websites involved in finances, particularly cryptocurrency exchange platforms,” the FBI notes.
Seemingly legitimate exchange platforms, the malicious sites prompt users to provide their login and financial information, which the cybercriminals then use to steal the victim’s funds.
“While search engine advertisements are not malicious in nature, it is important to practice caution when accessing a web page through an advertised link,” the FBI says.
Businesses are advised to use domain protection services to be notified of domain spoofing, and to educate users about spoofed websites and on how to find legitimate downloads for the company’s software.
Users are advised to check URLs to make sure they access authentic websites, to type a business’ URL into the browser instead of searching for that business, and to use ad blockers when performing internet searches.
Ad blockers can have a negative impact on the revenues of online businesses and advertisers, but they can be good for online security, and even the NSA and CIA are reportedly using them.
Related: FBI Warns of Hacktivist DDoS Attacks, But Says Impact Limited
Related: FBI Warns of Iranian Cyber Firm’s Hack-and-Leak Operations
Related: FBI Warns of Unpatched and Outdated Medical Device Risks
Related: FBI Warns of Proxies and Configurations Used in Credential Stuffing Attacks

More from Ionut Arghire
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Atlassian Warns of Critical Jira Service Management Vulnerability
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
Latest News
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- European Police Arrest 42 After Cracking Covert App
- Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
- Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process
