Google Ads - They're good for generating prospects, bringing awareness ... and spreading malware? Apparently so.
Malware hackers have recently started abusing the Google Ads platform to spread malware to unsuspecting individuals searching for well-known software companies.
Think of all the popular business software's you might use on a daily basis. There's Grammarly, Slack, Dashlane, Ring, AnyDesk, and Teamviewer just to name a few.
Bad actors are using the notoriety of these popular companies, creating duplicate websites and offering well-known software full of hidden malware.
If you aren't paying close enough attention when you Google search, you could be next!
In this post, we will be going over this recent discovery and how you can protect yourself from falling victim to similar scams.
Let's get into it.
How Typosquatting Ties into Google Ads
BleepingComputer recently came out with a list revealing over 200 domains that were made to impersonate popular software companies.
Now, you may have heard the concept of typosquatting. Cyber criminals creating websites with similar domains to popular sites. But the question is, how are people stumbling upon these malicious websites?
The answer is Google Ads.
Bad actors are promoting their malicious websites to more unsuspecting people through Google Ad campaigns.
The Google Ads platform helps websites promote their pages on a Google search.
The issue is that Google is actually placing these fake website ads above the legitimate websites on search results.
Which means if you are someone without an active ad blocker searching for software, you will more than likely be shown an ad for a malicious website.
And if you aren't looking closely, you might actually click on this ad because it's shown top of page, above the real domain.
Cybercriminals are banking on the fact that their ad and website look real enough that you won't be suspicious and check.
Google does have a system where they take down a campaign if they deem the landing site unsafe. Unfortunately, these threat actors are employing something that allows them to bypass Google's automatic checks.
The work around is the ad leading to a landing page with no malicious activity that once clicked on, quickly redirects people to the malicious site.
It happens so fast, visitors often never see the temporary landing page.
The malware is often undetected in download because it comes bundled with real software.
Users get the software they meant to get while the malware silently downloads in the background.
Protect Yourself From Harmful Downloads
As this becomes a growing issue, it will be some time until Google can gain full control of the situation.
In the meantime, there are several steps you can take to protect yourself from harmful downloads.
First, I would suggest adding an ad-blocker to your web browser.
That way you filter out any promoted results from Google.
Another precaution you can take is to stay aware and suspicious.
If you are searching for something specific, scroll down the results page and only click on the official domain you are looking for. Avoid the ad results as best you can.
If you are someone who frequents a website for its software or whatever else, I would suggest bookmarking the page for direct access.That way, you avoid google accidentally showing you results leading to a fake page.
Lastly, make sure any link you click on has proper domain spelling. Everything might look right at first, but all it takes is one character change to end up on a malicious look-alike site.
If hackers use Google Ads to spread malware, what else will they do?
Stay diligent out there.
Check out last week's blog post where we go over 10 Ways you can be More Productive Using Microsoft Word.
With phishing at an all-time high, make sure your employees are prepared by offering proper cybersecurity awareness training. Feel free to set up a call with me via the Calendly link below. I'd love to help you discover some options.
STG IT Consulting Group proudly provides IT Service for Small to Medium Businesses in Greater Los Angeles. We'd love to see if we can help you too!